{"id": "SL_20101209_FIREFOX_ON_SL4_X.NASL", "bulletinFamily": "scanner", "title": "Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64", "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "published": "2012-08-01T00:00:00", "modified": "2012-08-01T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=60916", "reporter": "Tenable", "references": ["http://www.nessus.org/u?a561cb11"], "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "type": "nessus", "lastseen": "2018-09-02T00:03:08", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "edition": 1, "enchantments": {}, "hash": "06ef87f03bf2a6e54cf8956e157f008abd799a324e5284db34d77b96b5a747c4", "hashmap": [{"hash": "7997d5ae47791c98fcd44a09734fbf43", "key": "cvelist"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9a54a33bda21279ea4f263e567096ba1", "key": "pluginID"}, {"hash": "bed951b2eaa5deb802dc7e1cc614159c", "key": "references"}, {"hash": "98598a687aecf3bc6e9c0ef2ecc068e0", "key": "href"}, {"hash": "5bf5ea4544d81c99ebe7280b545a1922", "key": "description"}, {"hash": "2d34aaeb963144a6faaca1b3c9fb6057", "key": "title"}, {"hash": "b3a4d461a1383c8ba9fa401b58d29827", "key": "naslFamily"}, {"hash": "9cbf9c75bb6eac86839a4a4adcf2fe46", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "published"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=60916", "id": "SL_20101209_FIREFOX_ON_SL4_X.NASL", "lastseen": "2016-09-26T17:26:03", "modified": "2012-08-01T00:00:00", "naslFamily": "Scientific Linux Local Security Checks", "objectVersion": "1.2", "pluginID": "60916", "published": "2012-08-01T00:00:00", "references": ["http://www.nessus.org/u?a561cb11"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60916);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2012/08/01 14:38:55 $\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1012&L=scientific-linux-errata&T=0&P=926\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a561cb11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected firefox, xulrunner and / or xulrunner-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"firefox-3.6.13-3.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"firefox-3.6.13-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-1.9.2.13-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-1.9.2.13-3.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64", "type": "nessus", "viewCount": 1}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:03"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "edition": 2, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "4cc58ae2f62fce18fee2f6e5b6c973d0bbff10f7e4b7d9413dd61822680e8067", "hashmap": [{"hash": "7997d5ae47791c98fcd44a09734fbf43", "key": "cvelist"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "b1e432cd926620a2b9bd9816ef9503c6", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9a54a33bda21279ea4f263e567096ba1", "key": "pluginID"}, {"hash": "bed951b2eaa5deb802dc7e1cc614159c", "key": "references"}, {"hash": "98598a687aecf3bc6e9c0ef2ecc068e0", "key": "href"}, {"hash": "5bf5ea4544d81c99ebe7280b545a1922", "key": "description"}, {"hash": "2d34aaeb963144a6faaca1b3c9fb6057", "key": "title"}, {"hash": "b3a4d461a1383c8ba9fa401b58d29827", "key": "naslFamily"}, {"hash": "9cbf9c75bb6eac86839a4a4adcf2fe46", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "published"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=60916", "id": "SL_20101209_FIREFOX_ON_SL4_X.NASL", "lastseen": "2017-10-29T13:43:24", "modified": "2012-08-01T00:00:00", "naslFamily": "Scientific Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "60916", "published": "2012-08-01T00:00:00", "references": ["http://www.nessus.org/u?a561cb11"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60916);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2012/08/01 14:38:55 $\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1012&L=scientific-linux-errata&T=0&P=926\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a561cb11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected firefox, xulrunner and / or xulrunner-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"firefox-3.6.13-3.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"firefox-3.6.13-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-1.9.2.13-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-1.9.2.13-3.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:43:24"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "edition": 3, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "bcb7669a8bee4069a319d15f8d49358362af71d25109e6f1dcc5b8007bc73b45", "hashmap": [{"hash": "7997d5ae47791c98fcd44a09734fbf43", "key": "cvelist"}, {"hash": "b1e432cd926620a2b9bd9816ef9503c6", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9a54a33bda21279ea4f263e567096ba1", "key": "pluginID"}, {"hash": "bed951b2eaa5deb802dc7e1cc614159c", "key": "references"}, {"hash": "98598a687aecf3bc6e9c0ef2ecc068e0", "key": "href"}, {"hash": "5bf5ea4544d81c99ebe7280b545a1922", "key": "description"}, {"hash": "2d34aaeb963144a6faaca1b3c9fb6057", "key": "title"}, {"hash": "b3a4d461a1383c8ba9fa401b58d29827", "key": "naslFamily"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "9cbf9c75bb6eac86839a4a4adcf2fe46", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "published"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=60916", "id": "SL_20101209_FIREFOX_ON_SL4_X.NASL", "lastseen": "2018-08-30T19:53:23", "modified": "2012-08-01T00:00:00", "naslFamily": "Scientific Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "60916", "published": "2012-08-01T00:00:00", "references": ["http://www.nessus.org/u?a561cb11"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60916);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2012/08/01 14:38:55 $\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1012&L=scientific-linux-errata&T=0&P=926\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a561cb11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected firefox, xulrunner and / or xulrunner-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"firefox-3.6.13-3.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"firefox-3.6.13-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-1.9.2.13-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-1.9.2.13-3.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:53:23"}], "edition": 4, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "b1e432cd926620a2b9bd9816ef9503c6"}, {"key": "cvelist", "hash": "7997d5ae47791c98fcd44a09734fbf43"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "5bf5ea4544d81c99ebe7280b545a1922"}, {"key": "href", "hash": "98598a687aecf3bc6e9c0ef2ecc068e0"}, {"key": "modified", "hash": "3ff4afbf9eedf98937c2e5c5cf13456f"}, {"key": "naslFamily", "hash": "b3a4d461a1383c8ba9fa401b58d29827"}, {"key": "pluginID", "hash": "9a54a33bda21279ea4f263e567096ba1"}, {"key": "published", "hash": "3ff4afbf9eedf98937c2e5c5cf13456f"}, {"key": "references", "hash": "bed951b2eaa5deb802dc7e1cc614159c"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "9cbf9c75bb6eac86839a4a4adcf2fe46"}, {"key": "title", "hash": "2d34aaeb963144a6faaca1b3c9fb6057"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "4cc58ae2f62fce18fee2f6e5b6c973d0bbff10f7e4b7d9413dd61822680e8067", "viewCount": 1, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}, "vulnersScore": 9.3}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60916);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2012/08/01 14:38:55 $\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1012&L=scientific-linux-errata&T=0&P=926\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a561cb11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected firefox, xulrunner and / or xulrunner-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"firefox-3.6.13-3.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"firefox-3.6.13-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-1.9.2.13-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-1.9.2.13-3.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Scientific Linux Local Security Checks", "pluginID": "60916", "cpe": ["x-cpe:/o:fermilab:scientific_linux"]}

{"openvas": [{"lastseen": "2017-07-25T10:55:51", "references": ["2010:0966", "http://lists.centos.org/pipermail/centos-announce/2011-January/017227.html"], "pluginID": "880467", "description": "Check for the Version of firefox", "edition": 2, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-01-31T00:00:00", "title": "CentOS Update for firefox CESA-2010:0966 centos4 i386", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880467", "id": "OPENVAS:880467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2010:0966 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776,\n CVE-2010-3777)\n \n A flaw was found in the way Firefox handled malformed JavaScript. A website\n with an object containing malicious JavaScript could cause Firefox to\n execute that JavaScript with the privileges of the user running Firefox.\n (CVE-2010-3771)\n \n This update adds support for the Sanitiser for OpenType (OTS) library to\n Firefox. This library helps prevent potential exploits in malformed\n OpenType fonts by verifying the font file prior to use. (CVE-2010-3768)\n \n A flaw was found in the way Firefox loaded Java LiveConnect scripts.\n Malicious web content could load a Java LiveConnect script in a way that\n would result in the plug-in object having elevated privileges, allowing it\n to execute Java code with the privileges of the user running Firefox.\n (CVE-2010-3775)\n \n It was found that the fix for CVE-2010-0179 was incomplete when the Firebug\n add-on was used. If a user visited a website containing malicious\n JavaScript while the Firebug add-on was enabled, it could cause Firefox to\n execute arbitrary JavaScript with the privileges of the user running\n Firefox. (CVE-2010-3773)\n \n A flaw was found in the way Firefox presented the location bar to users. A\n malicious website could trick a user into thinking they are visiting the\n site reported by the location bar, when the page is actually content\n controlled by an attacker. (CVE-2010-3774)\n \n A cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic,\n x-mac-farsi, and x-mac-hebrew character encodings. Certain characters were\n converted to angle brackets when displayed. If server-side script filtering\n missed these cases, it could result in Firefox executing JavaScript code\n with the permissions of a different website. (CVE-2010-3770)\n \n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 3.6.13. You can find a link to the Mozilla\n advisories in the References section of this erratum.\n \n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 3.6.13, which corrects these issues. After installing the\n update, Firefox must be restarted for the changes to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017227.html\");\n script_id(880467);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0966\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-0179\");\n script_name(\"CentOS Update for firefox CESA-2010:0966 centos4 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.13~3.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-26T11:06:06", "references": ["2010-18773", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052035.html"], "pluginID": "1361412562310862727", "description": "Check for the Version of xulrunner", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for xulrunner FEDORA-2010-18773", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-01-25T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862727", "id": "OPENVAS:1361412562310862727", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2010-18773\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xulrunner on Fedora 14\";\ntag_insight = \"XULRunner provides the XUL Runtime environment for Gecko applications.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052035.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862727\");\n script_version(\"$Revision: 8528 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 08:57:36 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18773\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for xulrunner FEDORA-2010-18773\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xulrunner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.13~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:04:38", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052021.html", "2010-18775"], "pluginID": "1361412562310862723", "description": "Check for the Version of xulrunner", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for xulrunner FEDORA-2010-18775", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-01-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862723", "id": "OPENVAS:1361412562310862723", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2010-18775\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xulrunner on Fedora 13\";\ntag_insight = \"XULRunner provides the XUL Runtime environment for Gecko applications.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052021.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862723\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18775\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for xulrunner FEDORA-2010-18775\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xulrunner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.13~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-23T13:05:45", "references": ["2010-18773", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052029.html"], "pluginID": "1361412562310862724", "description": "Check for the Version of firefox", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for firefox FEDORA-2010-18773", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-01-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862724", "id": "OPENVAS:1361412562310862724", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2010-18773\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 14\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052029.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862724\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18773\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for firefox FEDORA-2010-18773\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.13~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:21", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052033.html", "2010-18773"], "pluginID": "862730", "description": "Check for the Version of mozvoikko", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for mozvoikko FEDORA-2010-18773", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2017-12-25T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862730", "id": "OPENVAS:862730", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mozvoikko FEDORA-2010-18773\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mozvoikko on Fedora 14\";\ntag_insight = \"This is mozvoikko, an extension for Mozilla programs for using the Finnish\n spell-checker Voikko.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052033.html\");\n script_id(862730);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18773\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for mozvoikko FEDORA-2010-18773\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mozvoikko\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozvoikko\", rpm:\"mozvoikko~1.0~17.fc14.1\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:33:16", "references": ["2010-18775", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052020.html"], "pluginID": "862726", "description": "Check for the Version of gnome-python2-extras", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for gnome-python2-extras FEDORA-2010-18775", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2017-12-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862726", "id": "OPENVAS:862726", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2010-18775\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-python2-extras on Fedora 13\";\ntag_insight = \"The gnome-python-extra package contains the source packages for additional\n Python bindings for GNOME. It should be used together with gnome-python.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052020.html\");\n script_id(862726);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18775\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for gnome-python2-extras FEDORA-2010-18775\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnome-python2-extras\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.25.3~25.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:38", "references": ["2010-18773", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052029.html"], "pluginID": "862724", "description": "Check for the Version of firefox", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for firefox FEDORA-2010-18773", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2017-12-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862724", "id": "OPENVAS:862724", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2010-18773\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 14\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052029.html\");\n script_id(862724);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18773\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for firefox FEDORA-2010-18773\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.13~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:36", "references": ["2010-18773", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052031.html"], "pluginID": "862725", "description": "Check for the Version of gnome-web-photo", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for gnome-web-photo FEDORA-2010-18773", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2017-12-25T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862725", "id": "OPENVAS:862725", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-web-photo FEDORA-2010-18773\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-web-photo on Fedora 14\";\ntag_insight = \"gnome-web-photo contains a thumbnailer that will be used by GNOME applications,\n including the file manager, to generate screenshots of web pages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052031.html\");\n script_id(862725);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18773\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for gnome-web-photo FEDORA-2010-18773\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnome-web-photo\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-web-photo\", rpm:\"gnome-web-photo~0.9~16.fc14.1\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:22", "references": ["2010-18775", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052019.html"], "pluginID": "862722", "description": "Check for the Version of mozvoikko", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for mozvoikko FEDORA-2010-18775", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2017-12-14T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862722", "id": "OPENVAS:862722", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mozvoikko FEDORA-2010-18775\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mozvoikko on Fedora 13\";\ntag_insight = \"This is mozvoikko, an extension for Mozilla programs for using the Finnish\n spell-checker Voikko.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052019.html\");\n script_id(862722);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18775\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for mozvoikko FEDORA-2010-18775\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mozvoikko\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozvoikko\", rpm:\"mozvoikko~1.0~17.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:01:39", "references": ["http://lists.centos.org/pipermail/centos-announce/2011-January/017228.html", "2010:0966"], "pluginID": "1361412562310881398", "description": "Check for the Version of firefox", "edition": 3, "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "published": "2012-07-30T00:00:00", "title": "CentOS Update for firefox CESA-2010:0966 centos4 x86_64", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310881398", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881398", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2010:0966 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776,\n CVE-2010-3777)\n\n A flaw was found in the way Firefox handled malformed JavaScript. A website\n with an object containing malicious JavaScript could cause Firefox to\n execute that JavaScript with the privileges of the user running Firefox.\n (CVE-2010-3771)\n\n This update adds support for the Sanitiser for OpenType (OTS) library to\n Firefox. This library helps prevent potential exploits in malformed\n OpenType fonts by verifying the font file prior to use. (CVE-2010-3768)\n\n A flaw was found in the way Firefox loaded Java LiveConnect scripts.\n Malicious web content could load a Java LiveConnect script in a way that\n would result in the plug-in object having elevated privileges, allowing it\n to execute Java code with the privileges of the user running Firefox.\n (CVE-2010-3775)\n\n It was found that the fix for CVE-2010-0179 was incomplete when the Firebug\n add-on was used. If a user visited a website containing malicious\n JavaScript while the Firebug add-on was enabled, it could cause Firefox to\n execute arbitrary JavaScript with the privileges of the user running\n Firefox. (CVE-2010-3773)\n\n A flaw was found in the way Firefox presented the location bar to users. A\n malicious website could trick a user into thinking they are visiting the\n site reported by the location bar, when the page is actually content\n controlled by an attacker. (CVE-2010-3774)\n\n A cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic,\n x-mac-farsi, and x-mac-hebrew character encodings. Certain characters were\n converted to angle brackets when displayed. If server-side script filtering\n missed these cases, it could result in Firefox executing JavaScript code\n with the permissions of a different website. (CVE-2010-3770)\n\n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 3.6.13. You can find a link to the Mozilla\n advisories in the References section of this erratum.\n\n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 3.6.13, which corrects these issues. After installing the\n update, Firefox must be restarted for the changes to take effect.\";\n\ntag_affected = \"firefox on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017228.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881398\");\n script_version(\"$Revision: 9352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:43:42 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\",\n \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\",\n \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-0179\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0966\");\n script_name(\"CentOS Update for firefox CESA-2010:0966 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.13~3.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T19:40:54", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.6.13-3.el4", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-3.6.13-3.el4.i386.rpm", "operator": "lt"}], "description": "Mozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776,\nCVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website\nwith an object containing malicious JavaScript could cause Firefox to\nexecute that JavaScript with the privileges of the user running Firefox.\n(CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to\nFirefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use. (CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that\nwould result in the plug-in object having elevated privileges, allowing it\nto execute Java code with the privileges of the user running Firefox.\n(CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug\nadd-on was used. If a user visited a website containing malicious\nJavaScript while the Firebug add-on was enabled, it could cause Firefox to\nexecute arbitrary JavaScript with the privileges of the user running\nFirefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A\nmalicious website could trick a user into thinking they are visiting the\nsite reported by the location bar, when the page is actually content\ncontrolled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic,\nx-mac-farsi, and x-mac-hebrew character encodings. Certain characters were\nconverted to angle brackets when displayed. If server-side script filtering\nmissed these cases, it could result in Firefox executing JavaScript code\nwith the permissions of a different website. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.6.13. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.6.13, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n", "reporter": "RedHat", "published": "2010-12-09T05:00:00", "type": "redhat", "title": "(RHSA-2010:0966) Critical: firefox security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0179", "CVE-2010-3766", "CVE-2010-3767", "CVE-2010-3768", "CVE-2010-3770", "CVE-2010-3771", "CVE-2010-3772", "CVE-2010-3773", "CVE-2010-3774", "CVE-2010-3775", "CVE-2010-3776", "CVE-2010-3777"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:12", "id": "RHSA-2010:0966", "href": "https://access.redhat.com/errata/RHSA-2010:0966", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:52", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "i386", "packageName": "seamonkey", "packageFilename": "seamonkey-1.0.9-66.el4_8.i386.rpm", "operator": "lt"}], "description": "SeaMonkey is an open source web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nSeaMonkey. (CVE-2010-3767, CVE-2010-3772, CVE-2010-3776)\n\nA flaw was found in the way SeaMonkey loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that\nwould result in the plug-in object having elevated privileges, allowing it\nto execute Java code with the privileges of the user running SeaMonkey.\n(CVE-2010-3775)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.\n", "reporter": "RedHat", "published": "2010-12-09T05:00:00", "type": "redhat", "title": "(RHSA-2010:0967) Critical: seamonkey security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3767", "CVE-2010-3772", "CVE-2010-3775", "CVE-2010-3776"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:51:20", "id": "RHSA-2010:0967", "href": "https://access.redhat.com/errata/RHSA-2010:0967", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:42:56", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.1.7-3.el6_0", "arch": "i686", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-3.1.7-3.el6_0.i686.rpm", "operator": "lt"}], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content.\nMalicious HTML content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running Thunderbird.\n(CVE-2010-3776, CVE-2010-3777)\n\nNote: JavaScript support is disabled in Thunderbird for mail messages. The\nabove issues are believed to not be exploitable without JavaScript.\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to\nThunderbird. This library helps prevent potential exploits in malformed OpenType\nfonts by verifying the font file prior to use. (CVE-2010-3768)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n", "reporter": "RedHat", "published": "2010-12-09T05:00:00", "type": "redhat", "title": "(RHSA-2010:0969) Moderate: thunderbird security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3777"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:12", "id": "RHSA-2010:0969", "href": "https://access.redhat.com/errata/RHSA-2010:0969", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:41:37", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4", "arch": "i386", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.i386.rpm", "operator": "lt"}], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content. HTML\ncontaining malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2010-3767, CVE-2010-3772, CVE-2010-3776)\n\nNote: JavaScript support is disabled by default in Thunderbird. The above\nissues are not exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n", "reporter": "RedHat", "published": "2010-12-09T05:00:00", "type": "redhat", "title": "(RHSA-2010:0968) Moderate: thunderbird security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3767", "CVE-2010-3772", "CVE-2010-3776"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:54:12", "id": "RHSA-2010:0968", "href": "https://access.redhat.com/errata/RHSA-2010:0968", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:45:56", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.19-1.el4", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-3.0.19-1.el4.i386.rpm", "operator": "lt"}], "description": "Mozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral use-after-free flaws were found in Firefox. Visiting a web page\ncontaining malicious content could result in Firefox executing arbitrary\ncode with the privileges of the user running Firefox. (CVE-2010-0175,\nCVE-2010-0176, CVE-2010-0177)\n\nA flaw was found in Firefox that could allow an applet to generate a drag\nand drop action from a mouse click. Such an action could be used to execute\narbitrary JavaScript with the privileges of the user running Firefox.\n(CVE-2010-0178)\n\nA privilege escalation flaw was found in Firefox when the Firebug add-on is\nin use. The XMLHttpRequestSpy module in the Firebug add-on exposes a Chrome\nprivilege escalation flaw that could be used to execute arbitrary\nJavaScript with the privileges of the user running Firefox. (CVE-2010-0179)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-0174)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.19. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.19, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n", "reporter": "RedHat", "published": "2010-03-30T04:00:00", "type": "redhat", "title": "(RHSA-2010:0332) Critical: firefox security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0176", "CVE-2010-0177", "CVE-2010-0178", "CVE-2010-0179"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:07:11", "id": "RHSA-2010:0332", "href": "https://access.redhat.com/errata/RHSA-2010:0332", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:34:46", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=660439", "http://www.nessus.org/u?060ea4c5", "http://www.nessus.org/u?4c81664e", "http://www.nessus.org/u?6e808f0c", "https://bugzilla.redhat.com/show_bug.cgi?id=660408", "http://www.nessus.org/u?42e7275c", "https://bugzilla.redhat.com/show_bug.cgi?id=660435", "https://bugzilla.redhat.com/show_bug.cgi?id=660420", "https://bugzilla.redhat.com/show_bug.cgi?id=660422", "https://bugzilla.redhat.com/show_bug.cgi?id=660419", "https://bugzilla.redhat.com/show_bug.cgi?id=660438", "https://bugzilla.redhat.com/show_bug.cgi?id=660431", "http://www.nessus.org/u?191cabf8", "http://www.nessus.org/u?9e29b859", "https://bugzilla.redhat.com/show_bug.cgi?id=660417", "https://bugzilla.redhat.com/show_bug.cgi?id=660429", "http://www.nessus.org/u?a918a1e7", "https://bugzilla.redhat.com/show_bug.cgi?id=660415", "http://www.nessus.org/u?488935df"], "pluginID": "51131", "description": "Update to new upstream Firefox version 3.6.13, fixing multiple security issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox36.html#f irefox3.6.13\n\nUpdate also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2010-12-12T00:00:00", "title": "Fedora 13 : firefox-3.6.13-1.fc13 / galeon-2.0.7-36.fc13 / gnome-python2-extras-2.25.3-25.fc13 / etc (2010-18775)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2015-10-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:xulrunner", "p-cpe:/a:fedoraproject:fedora:firefox", "p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed", "cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:gnome-python2-extras", "p-cpe:/a:fedoraproject:fedora:gnome-web-photo", "p-cpe:/a:fedoraproject:fedora:galeon", "p-cpe:/a:fedoraproject:fedora:mozvoikko"], "id": "FEDORA_2010-18775.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51131", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18775.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51131);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/10/20 21:38:15 $\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_xref(name:\"FEDORA\", value:\"2010-18775\");\n\n script_name(english:\"Fedora 13 : firefox-3.6.13-1.fc13 / galeon-2.0.7-36.fc13 / gnome-python2-extras-2.25.3-25.fc13 / etc (2010-18775)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream Firefox version 3.6.13, fixing multiple\nsecurity issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox36.html#f\nirefox3.6.13\n\nUpdate also includes all packages depending on gecko-libs rebuilt\nagainst new version of Firefox / XULRunner.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4c81664e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660419\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660420\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660438\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660439\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052019.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9e29b859\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052020.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42e7275c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052021.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a918a1e7\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?191cabf8\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052023.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6e808f0c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052024.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?060ea4c5\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052025.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?488935df\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:galeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-python2-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-web-photo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mozvoikko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"firefox-3.6.13-1.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"galeon-2.0.7-36.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"gnome-python2-extras-2.25.3-25.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"gnome-web-photo-0.9-15.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"mozvoikko-1.0-17.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"perl-Gtk2-MozEmbed-0.08-6.fc13.20\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"xulrunner-1.9.2.13-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / galeon / gnome-python2-extras / gnome-web-photo / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:32", "references": ["http://www.nessus.org/u?fa8b28d0", "http://www.nessus.org/u?54c6a6f7"], "pluginID": "51362", "description": "Update to new upstream SeaMonkey version 2.0.11, fixing multiple security issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html #seamonkey2.0.11\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2010-12-23T00:00:00", "title": "Fedora 14 : seamonkey-2.0.11-1.fc14 (2010-18920)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:seamonkey"], "id": "FEDORA_2010-18920.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51362", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18920.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51362);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/12 15:01:52\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3769\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-3778\");\n script_xref(name:\"FEDORA\", value:\"2010-18920\");\n\n script_name(english:\"Fedora 14 : seamonkey-2.0.11-1.fc14 (2010-18920)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream SeaMonkey version 2.0.11, fixing multiple\nsecurity issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html\n#seamonkey2.0.11\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.11\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa8b28d0\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54c6a6f7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"seamonkey-2.0.11-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-29T19:42:02", "references": ["https://access.redhat.com/security/cve/cve-2010-3768", "https://access.redhat.com/security/cve/cve-2010-3772", "https://access.redhat.com/security/cve/cve-2010-3766", "https://access.redhat.com/security/cve/cve-2010-3775", "https://access.redhat.com/errata/RHSA-2010:0966", "https://access.redhat.com/security/cve/cve-2010-3777", "http://code.google.com/p/ots/", "https://access.redhat.com/security/cve/cve-2010-3770", "https://access.redhat.com/security/cve/cve-2010-3774", "http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#", "https://access.redhat.com/security/cve/cve-2010-3776", "https://access.redhat.com/security/cve/cve-2010-3767", "https://access.redhat.com/security/cve/cve-2010-3771", "https://access.redhat.com/security/cve/cve-2010-3773"], "pluginID": "51107", "description": "Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.6.13. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 3.6.13, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "edition": 8, "reporter": "Tenable", "published": "2010-12-10T00:00:00", "title": "RHEL 4 / 5 / 6 : firefox (RHSA-2010:0966)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-11-28T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo", "p-cpe:/a:redhat:enterprise_linux:xulrunner", "cpe:/o:redhat:enterprise_linux:4.8", "p-cpe:/a:redhat:enterprise_linux:firefox", "p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo", "p-cpe:/a:redhat:enterprise_linux:xulrunner-devel", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2010-0966.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51107", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0966. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51107);\n script_version (\"1.21\");\n script_cvs_date(\"Date: 2018/11/28 11:42:05\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_bugtraq_id(45314, 45322, 45324, 45326, 45352, 45354);\n script_xref(name:\"RHSA\", value:\"2010:0966\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : firefox (RHSA-2010:0966)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.13. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.13, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3766\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3771\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3774\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3776\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://code.google.com/p/ots/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0966\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0966\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"firefox-3.6.13-3.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-3.6.13-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-1.9.2.13-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-devel-1.9.2.13-3.el5\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"firefox-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"firefox-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"firefox-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"firefox-debuginfo-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"firefox-debuginfo-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"firefox-debuginfo-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-1.9.2.13-3.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-debuginfo-1.9.2.13-3.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-devel-1.9.2.13-3.el6_0\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-22T03:14:29", "references": ["http://www.nessus.org/u?45e98a88", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-82/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-81/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-76/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-75/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-83/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-79/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-80/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-78/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-77/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-84/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-74/"], "pluginID": "51132", "description": "The Mozilla Project reports :\n\nMFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)\n\nMFSA 2010-75 Buffer overflow while line breaking after document.write with long string\n\nMFSA 2010-76 Chrome privilege escalation with window.open and isindex element\n\nMFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree\n\nMFSA 2010-78 Add support for OTS font sanitizer\n\nMFSA 2010-79 Java security bypass from LiveConnect loaded via data:\nURL meta refresh\n\nMFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver\n\nMFSA 2010-81 Integer overflow vulnerability in NewIdArray\n\nMFSA 2010-82 Incomplete fix for CVE-2010-0179\n\nMFSA 2010-83 Location bar SSL spoofing using network error page\n\nMFSA 2010-84 XSS hazard in multiple character encodings", "edition": 6, "reporter": "Tenable", "published": "2010-12-12T00:00:00", "title": "FreeBSD : mozilla -- multiple vulnerabilities (1d8ff4a2-0445-11e0-8e32-000f20797ede)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-11-21T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-thunderbird", "p-cpe:/a:freebsd:freebsd:linux-firefox", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:libxul", "p-cpe:/a:freebsd:freebsd:seamonkey", "p-cpe:/a:freebsd:freebsd:linux-seamonkey", "p-cpe:/a:freebsd:freebsd:firefox", "p-cpe:/a:freebsd:freebsd:linux-firefox-devel", "p-cpe:/a:freebsd:freebsd:thunderbird"], "id": "FREEBSD_PKG_1D8FF4A2044511E08E32000F20797EDE.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51132", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51132);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/21 10:46:30\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3769\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-3778\");\n\n script_name(english:\"FreeBSD : mozilla -- multiple vulnerabilities (1d8ff4a2-0445-11e0-8e32-000f20797ede)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla Project reports :\n\nMFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/\n1.9.1.16)\n\nMFSA 2010-75 Buffer overflow while line breaking after document.write\nwith long string\n\nMFSA 2010-76 Chrome privilege escalation with window.open and isindex\nelement\n\nMFSA 2010-77 Crash and remote code execution using HTML tags inside a\nXUL tree\n\nMFSA 2010-78 Add support for OTS font sanitizer\n\nMFSA 2010-79 Java security bypass from LiveConnect loaded via data:\nURL meta refresh\n\nMFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver\n\nMFSA 2010-81 Integer overflow vulnerability in NewIdArray\n\nMFSA 2010-82 Incomplete fix for CVE-2010-0179\n\nMFSA 2010-83 Location bar SSL spoofing using network error page\n\nMFSA 2010-84 XSS hazard in multiple character encodings\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-74.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-74/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-75.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-75/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-76.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-76/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-77.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-77/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-78.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-78/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-79.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-79/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-80.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-80/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-81.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-81/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-82/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-83.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-83/\"\n );\n # http://www.mozilla.org/security/announce/2010/mfsa2010-84.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-84/\"\n );\n # https://vuxml.freebsd.org/freebsd/1d8ff4a2-0445-11e0-8e32-000f20797ede.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?45e98a88\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxul\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"firefox>3.6.*,1<3.6.13,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"firefox>3.5.*,1<3.5.16,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libxul>1.9.2.*<1.9.2.13\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox<3.6.13,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox-devel<3.5.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-seamonkey>2.0.*<2.0.11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-thunderbird>=3.1<3.1.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"seamonkey>2.0.*<2.0.11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird>=3.0<3.0.11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird>=3.1<3.1.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:10:31", "references": ["http://www.nessus.org/u?78d33b3f", "https://bugzilla.redhat.com/show_bug.cgi?id=660439", "http://www.nessus.org/u?66cc8e92", "http://www.nessus.org/u?4c81664e", "https://bugzilla.redhat.com/show_bug.cgi?id=660408", "http://www.nessus.org/u?1c525a34", "https://bugzilla.redhat.com/show_bug.cgi?id=660435", "http://www.nessus.org/u?2324f8b5", "http://www.nessus.org/u?0355bd09", "https://bugzilla.redhat.com/show_bug.cgi?id=660420", "https://bugzilla.redhat.com/show_bug.cgi?id=660422", "https://bugzilla.redhat.com/show_bug.cgi?id=660419", "https://bugzilla.redhat.com/show_bug.cgi?id=660438", "http://www.nessus.org/u?bbb73d46", "https://bugzilla.redhat.com/show_bug.cgi?id=660431", "http://www.nessus.org/u?1ac95e28", "https://bugzilla.redhat.com/show_bug.cgi?id=660417", "https://bugzilla.redhat.com/show_bug.cgi?id=660429", "https://bugzilla.redhat.com/show_bug.cgi?id=660415"], "pluginID": "51130", "description": "Update to new upstream Firefox version 3.6.13, fixing multiple security issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox36.html#f irefox3.6.13\n\nUpdate also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2010-12-12T00:00:00", "title": "Fedora 14 : firefox-3.6.13-1.fc14 / galeon-2.0.7-36.fc14.1 / gnome-python2-extras-2.25.3-26.fc14.1 / etc (2010-18773)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-07-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:xulrunner", "p-cpe:/a:fedoraproject:fedora:firefox", "p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed", "cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:gnome-python2-extras", "p-cpe:/a:fedoraproject:fedora:gnome-web-photo", "p-cpe:/a:fedoraproject:fedora:galeon", "p-cpe:/a:fedoraproject:fedora:mozvoikko"], "id": "FEDORA_2010-18773.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51130", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18773.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51130);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/12 15:01:52\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_xref(name:\"FEDORA\", value:\"2010-18773\");\n\n script_name(english:\"Fedora 14 : firefox-3.6.13-1.fc14 / galeon-2.0.7-36.fc14.1 / gnome-python2-extras-2.25.3-26.fc14.1 / etc (2010-18773)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream Firefox version 3.6.13, fixing multiple\nsecurity issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox36.html#f\nirefox3.6.13\n\nUpdate also includes all packages depending on gecko-libs rebuilt\nagainst new version of Firefox / XULRunner.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4c81664e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660419\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660420\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660438\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660439\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052029.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1c525a34\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052030.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0355bd09\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052031.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78d33b3f\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ac95e28\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052033.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2324f8b5\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052034.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?66cc8e92\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052035.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bbb73d46\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:galeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-python2-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-web-photo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mozvoikko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"firefox-3.6.13-1.fc14\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"galeon-2.0.7-36.fc14.1\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"gnome-python2-extras-2.25.3-26.fc14.1\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"gnome-web-photo-0.9-16.fc14.1\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"mozvoikko-1.0-17.fc14.1\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"perl-Gtk2-MozEmbed-0.08-6.fc14.22\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"xulrunner-1.9.2.13-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / galeon / gnome-python2-extras / gnome-web-photo / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:50:48", "references": ["http://www.nessus.org/u?4c81664e"], "pluginID": "51106", "description": "Security issues were identified and fixed in firefox :\n\nSecurity researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine.\nSites using these character encodings would thus be potentially vulnerable to script injection attacks if their script filtering code fails to strip out these specific characters (CVE-2010-3770).\n\nGoogle security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. An attacker could use this bug to spoof the location bar and trick a user into thinking they were on a different site than they actually were (CVE-2010-3774).\n\nMozilla security researcher moz_bug_r_a4 reported that the fix for CVE-2010-0179 could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges (CVE-2010-3773).\n\nSecurity researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. The report demonstrated that an array could be constructed containing a very large number of items such that when memory was allocated to store the array items, the integer value used to calculate the buffer size would overflow resulting in too small a buffer being allocated. Subsequent use of the array object could then result in data being written past the end of the buffer and causing memory corruption (CVE-2010-3767).\n\nSecurity researcher regenrecht reported via TippingPoint's Zero Day Initiative that a nsDOMAttribute node can be modified without informing the iterator object responsible for various DOM traversals.\nThis flaw could lead to a inconsistent state where the iterator points to an object it believes is part of the DOM but actually points to some other object. If such an object had been deleted and its memory reclaimed by the system, then the iterator could be used to call into attacker-controlled memory (CVE-2010-3766).\n\nSecurity researcher Gregory Fleischer reported that when a Java LiveConnect script was loaded via a data: URL which redirects via a meta refresh, then the resulting plugin object was created with the wrong security principal and thus received elevated privileges such as the abilities to read local files, launch processes, and create network connections (CVE-2010-3775).\n\nMozilla added the OTS font sanitizing library to prevent downloadable fonts from exposing vulnerabilities in the underlying OS font code.\nThis library mitigates against several issues independently reported by Red Hat Security Response Team member Marc Schoenefeld and Mozilla security researcher Christoph Diehl (CVE-2010-3768).\n\nSecurity researcher wushi of team509 reported that when a XUL tree had an HTML \\<div\\> element nested inside a \\<treechildren\\> element then code attempting to display content in the XUL tree would incorrectly treat the \\<div\\> element as a parent node to tree content underneath it resulting in incorrect indexes being calculated for the child content. These incorrect indexes were used in subsequent array operations which resulted in writing data past the end of an allocated buffer. An attacker could use this issue to crash a victim's browser and run arbitrary code on their machine (CVE-2010-3772).\n\nSecurity researcher echo reported that a web page could open a window with an about:blank location and then inject an \\<isindex\\> element into that page which upon submission would redirect to a chrome:\ndocument. The effect of this defect was that the original page would wind up with a reference to a chrome-privileged object, the opened window, which could be leveraged for privilege escalation attacks (CVE-2010-3771).\n\nDirk Heinrich reported that on Windows platforms when document.write() was called with a very long string a buffer overflow was caused in line breaking routines attempting to process the string for display.\nSuch cases triggered an invalid read past the end of an array causing a crash which an attacker could potentially use to run arbitrary code on a victim's computer (CVE-2010-3769).\n\nMozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2010-3776, CVE-2010-3777).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4 90\n\nAdditionally, some packages which require so, have been rebuilt and are being provided as updates.\n\nUpdate :\n\nA mistake was done with the MDVSA-2010:251 and the MDVSA-2010:251-1 advisories where the localization files for firefox software was NOT updated to the 3.6.13 version. The secteam wishes to apologise for the unfortunate mistake and also wishes everyone a great christmas.\n\nRegards // Santa Claus", "edition": 5, "reporter": "Tenable", "published": "2010-12-10T00:00:00", "title": "Mandriva Linux Security Advisory : firefox (MDVSA-2010:251-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:firefox-zh_CN", "p-cpe:/a:mandriva:linux:firefox-sv_SE", "p-cpe:/a:mandriva:linux:firefox-sk", "p-cpe:/a:mandriva:linux:firefox-eu", "p-cpe:/a:mandriva:linux:firefox-oc", "p-cpe:/a:mandriva:linux:firefox-de", "p-cpe:/a:mandriva:linux:firefox-id", "p-cpe:/a:mandriva:linux:firefox-sl", "p-cpe:/a:mandriva:linux:firefox-es_ES", "p-cpe:/a:mandriva:linux:firefox-el", "p-cpe:/a:mandriva:linux:firefox-gl", "p-cpe:/a:mandriva:linux:firefox-fi", "p-cpe:/a:mandriva:linux:firefox-be", "p-cpe:/a:mandriva:linux:firefox-af", "p-cpe:/a:mandriva:linux:firefox-ja", "p-cpe:/a:mandriva:linux:firefox-ku", "p-cpe:/a:mandriva:linux:firefox-is", "p-cpe:/a:mandriva:linux:firefox-lv", "p-cpe:/a:mandriva:linux:firefox-pa_IN", "p-cpe:/a:mandriva:linux:firefox-tr", "p-cpe:/a:mandriva:linux:firefox-ga_IE", "p-cpe:/a:mandriva:linux:firefox-nl", "p-cpe:/a:mandriva:linux:firefox-lt", "p-cpe:/a:mandriva:linux:firefox-ro", "p-cpe:/a:mandriva:linux:firefox-it", "p-cpe:/a:mandriva:linux:firefox-fy", "p-cpe:/a:mandriva:linux:firefox-es_AR", "p-cpe:/a:mandriva:linux:firefox-bn", "p-cpe:/a:mandriva:linux:firefox-sq", "p-cpe:/a:mandriva:linux:firefox-ka", "p-cpe:/a:mandriva:linux:firefox-ru", "p-cpe:/a:mandriva:linux:firefox-fr", "p-cpe:/a:mandriva:linux:firefox-zh_TW", "p-cpe:/a:mandriva:linux:firefox-te", "p-cpe:/a:mandriva:linux:firefox-eo", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:firefox-mk", "p-cpe:/a:mandriva:linux:firefox-ca", "p-cpe:/a:mandriva:linux:firefox-bg", "p-cpe:/a:mandriva:linux:firefox-et", "p-cpe:/a:mandriva:linux:firefox-si", "p-cpe:/a:mandriva:linux:firefox-pt_PT", "p-cpe:/a:mandriva:linux:firefox-cy", "p-cpe:/a:mandriva:linux:firefox-ko", "p-cpe:/a:mandriva:linux:firefox-nb_NO", "p-cpe:/a:mandriva:linux:firefox-uk", "p-cpe:/a:mandriva:linux:firefox-kn", "p-cpe:/a:mandriva:linux:firefox-ar", "p-cpe:/a:mandriva:linux:firefox-nn_NO", "p-cpe:/a:mandriva:linux:firefox-pt_BR", "p-cpe:/a:mandriva:linux:firefox-da", "p-cpe:/a:mandriva:linux:firefox-hu", "p-cpe:/a:mandriva:linux:firefox-sr", "p-cpe:/a:mandriva:linux:firefox-pl", "p-cpe:/a:mandriva:linux:firefox-gu_IN", "p-cpe:/a:mandriva:linux:firefox-cs", "p-cpe:/a:mandriva:linux:firefox-hi", "p-cpe:/a:mandriva:linux:firefox-th", "p-cpe:/a:mandriva:linux:firefox-en_GB", "p-cpe:/a:mandriva:linux:firefox-mr", "p-cpe:/a:mandriva:linux:firefox-he"], "id": "MANDRIVA_MDVSA-2010-251.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51106", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:251. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51106);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/19 20:59:17\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3769\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_bugtraq_id(45314, 45322, 45324, 45326, 45345, 45346, 45347, 45348, 45351, 45352, 45353, 45354, 45355);\n script_xref(name:\"MDVSA\", value:\"2010:251-2\");\n\n script_name(english:\"Mandriva Linux Security Advisory : firefox (MDVSA-2010:251-2)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security issues were identified and fixed in firefox :\n\nSecurity researchers Yosuke Hasegawa and Masatoshi Kimura reported\nthat the x-mac-arabic, x-mac-farsi and x-mac-hebrew character\nencodings are vulnerable to XSS attacks due to some characters being\nconverted to angle brackets when displayed by the rendering engine.\nSites using these character encodings would thus be potentially\nvulnerable to script injection attacks if their script filtering code\nfails to strip out these specific characters (CVE-2010-3770).\n\nGoogle security researcher Michal Zalewski reported that when a window\nwas opened to a site resulting in a network or certificate error page,\nthe opening site could access the document inside the opened window\nand inject arbitrary content. An attacker could use this bug to spoof\nthe location bar and trick a user into thinking they were on a\ndifferent site than they actually were (CVE-2010-3774).\n\nMozilla security researcher moz_bug_r_a4 reported that the fix for\nCVE-2010-0179 could be circumvented permitting the execution of\narbitrary JavaScript with chrome privileges (CVE-2010-3773).\n\nSecurity researcher regenrecht reported via TippingPoint's Zero Day\nInitiative that JavaScript arrays were vulnerable to an integer\noverflow vulnerability. The report demonstrated that an array could be\nconstructed containing a very large number of items such that when\nmemory was allocated to store the array items, the integer value used\nto calculate the buffer size would overflow resulting in too small a\nbuffer being allocated. Subsequent use of the array object could then\nresult in data being written past the end of the buffer and causing\nmemory corruption (CVE-2010-3767).\n\nSecurity researcher regenrecht reported via TippingPoint's Zero Day\nInitiative that a nsDOMAttribute node can be modified without\ninforming the iterator object responsible for various DOM traversals.\nThis flaw could lead to a inconsistent state where the iterator points\nto an object it believes is part of the DOM but actually points to\nsome other object. If such an object had been deleted and its memory\nreclaimed by the system, then the iterator could be used to call into\nattacker-controlled memory (CVE-2010-3766).\n\nSecurity researcher Gregory Fleischer reported that when a Java\nLiveConnect script was loaded via a data: URL which redirects via a\nmeta refresh, then the resulting plugin object was created with the\nwrong security principal and thus received elevated privileges such as\nthe abilities to read local files, launch processes, and create\nnetwork connections (CVE-2010-3775).\n\nMozilla added the OTS font sanitizing library to prevent downloadable\nfonts from exposing vulnerabilities in the underlying OS font code.\nThis library mitigates against several issues independently reported\nby Red Hat Security Response Team member Marc Schoenefeld and Mozilla\nsecurity researcher Christoph Diehl (CVE-2010-3768).\n\nSecurity researcher wushi of team509 reported that when a XUL tree had\nan HTML \\<div\\> element nested inside a \\<treechildren\\> element then\ncode attempting to display content in the XUL tree would incorrectly\ntreat the \\<div\\> element as a parent node to tree content underneath\nit resulting in incorrect indexes being calculated for the child\ncontent. These incorrect indexes were used in subsequent array\noperations which resulted in writing data past the end of an allocated\nbuffer. An attacker could use this issue to crash a victim's browser\nand run arbitrary code on their machine (CVE-2010-3772).\n\nSecurity researcher echo reported that a web page could open a window\nwith an about:blank location and then inject an \\<isindex\\> element\ninto that page which upon submission would redirect to a chrome:\ndocument. The effect of this defect was that the original page would\nwind up with a reference to a chrome-privileged object, the opened\nwindow, which could be leveraged for privilege escalation attacks\n(CVE-2010-3771).\n\nDirk Heinrich reported that on Windows platforms when document.write()\nwas called with a very long string a buffer overflow was caused in\nline breaking routines attempting to process the string for display.\nSuch cases triggered an invalid read past the end of an array causing\na crash which an attacker could potentially use to run arbitrary code\non a victim's computer (CVE-2010-3769).\n\nMozilla developers identified and fixed several memory safety bugs in\nthe browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of\nthese could be exploited to run arbitrary code (CVE-2010-3776,\nCVE-2010-3777).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4\n90\n\nAdditionally, some packages which require so, have been rebuilt and\nare being provided as updates.\n\nUpdate :\n\nA mistake was done with the MDVSA-2010:251 and the MDVSA-2010:251-1\nadvisories where the localization files for firefox software was NOT\nupdated to the 3.6.13 version. The secteam wishes to apologise for the\nunfortunate mistake and also wishes everyone a great christmas.\n\nRegards // Santa Claus\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4c81664e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-en_GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-es_AR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-es_ES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ga_IE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-gu_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ku\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nb_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nn_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pa_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pt_PT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sv_SE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-af-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ar-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-be-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-bg-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-bn-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ca-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-cs-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-cy-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-da-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-de-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-el-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-en_GB-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-eo-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-es_AR-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-es_ES-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-et-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-eu-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-fi-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-fr-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-fy-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ga_IE-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-gl-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-gu_IN-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-he-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-hi-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-hu-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-id-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-is-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-it-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ja-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ka-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-kn-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ko-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ku-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-lt-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-lv-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-mk-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-mr-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-nb_NO-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-nl-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-nn_NO-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-oc-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-pa_IN-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-pl-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-pt_BR-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-pt_PT-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ro-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ru-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-si-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-sk-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-sl-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-sq-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-sr-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-sv_SE-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-te-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-th-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-tr-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-uk-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-zh_CN-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-zh_TW-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-11T12:54:45", "references": ["http://www.nessus.org/u?975b288e", "http://www.nessus.org/u?e1af65ee"], "pluginID": "51777", "description": "Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.6.13. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 3.6.13, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "edition": 7, "reporter": "Tenable", "published": "2011-01-28T00:00:00", "title": "CentOS 4 : firefox (CESA-2010:0966)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:firefox"], "id": "CENTOS_RHSA-2010-0966.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51777", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0966 and \n# CentOS Errata and Security Advisory 2010:0966 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51777);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:29\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_bugtraq_id(45314, 45322, 45324, 45326, 45352, 45354);\n script_xref(name:\"RHSA\", value:\"2010:0966\");\n\n script_name(english:\"CentOS 4 : firefox (CESA-2010:0966)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.13. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.13, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-January/017227.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?975b288e\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-January/017228.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e1af65ee\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"firefox-3.6.13-3.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"firefox-3.6.13-3.el4.centos\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:51:48", "references": ["http://www.nessus.org/u?fa8b28d0", "http://www.nessus.org/u?71e20e05"], "pluginID": "51361", "description": "Update to new upstream SeaMonkey version 2.0.11, fixing multiple security issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html #seamonkey2.0.11\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2010-12-23T00:00:00", "title": "Fedora 13 : seamonkey-2.0.11-1.fc13 (2010-18890)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:seamonkey"], "id": "FEDORA_2010-18890.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51361", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18890.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51361);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/12 15:01:52\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3769\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-3778\");\n script_xref(name:\"FEDORA\", value:\"2010-18890\");\n\n script_name(english:\"Fedora 13 : seamonkey-2.0.11-1.fc13 (2010-18890)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream SeaMonkey version 2.0.11, fixing multiple\nsecurity issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html\n#seamonkey2.0.11\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.11\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa8b28d0\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?71e20e05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"seamonkey-2.0.11-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:06:40", "references": ["https://oss.oracle.com/pipermail/el-errata/2010-December/001763.html", "https://oss.oracle.com/pipermail/el-errata/2010-December/001765.html", "https://oss.oracle.com/pipermail/el-errata/2011-February/001850.html"], "pluginID": "68156", "description": "From Red Hat Security Advisory 2010:0966 :\n\nUpdated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.6.13. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 3.6.13, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "edition": 5, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 5 / 6 : firefox (ELSA-2010-0966)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-07-18T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:xulrunner", "p-cpe:/a:oracle:linux:firefox", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:xulrunner-devel"], "id": "ORACLELINUX_ELSA-2010-0966.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=68156", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0966 and \n# Oracle Linux Security Advisory ELSA-2010-0966 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68156);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:56\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_bugtraq_id(45314, 45322, 45324, 45326, 45352, 45354);\n script_xref(name:\"RHSA\", value:\"2010:0966\");\n\n script_name(english:\"Oracle Linux 4 / 5 / 6 : firefox (ELSA-2010-0966)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0966 :\n\nUpdated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.13. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.13, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-December/001763.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-December/001765.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001850.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"firefox-3.6.13-3.0.1.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"firefox-3.6.13-2.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-1.9.2.13-3.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-devel-1.9.2.13-3.0.1.el5\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"firefox-3.6.13-2.0.1.el6_0\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"xulrunner-1.9.2.13-3.0.1.el6_0\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"xulrunner-devel-1.9.2.13-3.0.1.el6_0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:46:12", "references": ["https://www.mozilla.org/en-US/security/advisories/mfsa2010-82/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-81/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-76/", "http://www.nessus.org/u?de9e67fa", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-75/", "http://www.nessus.org/u?4c81664e", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-83/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-79/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-80/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-78/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-77/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-84/", "https://www.mozilla.org/en-US/security/advisories/mfsa2010-74/"], "pluginID": "51121", "description": "The installed version of Firefox 3.6 is earlier than 3.6.13. Such versions are potentially affected by multiple vulnerabilities :\n\n - Multiple memory corruption issues could lead to arbitrary code execution. (MFSA 2010-74) \n - On the Windows platform, when 'document.write()' is called with a very long string, a buffer overflow could be triggered. (MFSA 2010-75)\n\n - A privilege escalation vulnerability exists with 'window.open' and the '<isindex>' element. (MFSA 2010-76)\n\n - Arbitrary code execution is possible when using HTML tags inside a XUL tree. (MFSA 2010-77)\n\n - Downloadable fonts could expose vulnerabilities in the underlying OS font code. (MFSA 2010-78)\n\n - A Java security bypass vulnerability exists when LiveConnect is loaded via a 'data:' URL meta refresh. (MFSA 2010-79)\n\n - A use-after-free error exists with nsDOMAttribute MutationObserver. (MFSA 2010-80)\n\n - An integer overflow exists in NewIdArray. (MFSA 2010-81)\n\n - It is possible to circumvent the fix for CVE-2010-0179.\n (MFSA 2010-82) \n - It is possible to spoof SSL in the location bar using the network error page. (MFSA 2010-83)\n\n - A cross-site scripting hazard exists in multiple character encodings. (MFSA 2010-84)", "edition": 6, "reporter": "Tenable", "published": "2010-12-10T00:00:00", "title": "Firefox 3.6 < 3.6.13 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_3613.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51121", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51121);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3769\", \n \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \n \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_bugtraq_id(\n 45314,\n 45324,\n 45326,\n 45345,\n 45346,\n 45347,\n 45348,\n 45351,\n 45352,\n 45353,\n 45354,\n 45355\n );\n script_xref(name:\"Secunia\", value:\"42517\");\n\n script_name(english:\"Firefox 3.6 < 3.6.13 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Firefox 3.6 is earlier than 3.6.13. Such\nversions are potentially affected by multiple vulnerabilities :\n\n - Multiple memory corruption issues could lead to\n arbitrary code execution. (MFSA 2010-74)\n \n - On the Windows platform, when 'document.write()' is \n called with a very long string, a buffer overflow could\n be triggered. (MFSA 2010-75)\n\n - A privilege escalation vulnerability exists with\n 'window.open' and the '<isindex>' element. \n (MFSA 2010-76)\n\n - Arbitrary code execution is possible when using HTML\n tags inside a XUL tree. (MFSA 2010-77)\n\n - Downloadable fonts could expose vulnerabilities in the\n underlying OS font code. (MFSA 2010-78)\n\n - A Java security bypass vulnerability exists when \n LiveConnect is loaded via a 'data:' URL meta refresh. \n (MFSA 2010-79)\n\n - A use-after-free error exists with nsDOMAttribute\n MutationObserver. (MFSA 2010-80)\n\n - An integer overflow exists in NewIdArray. (MFSA 2010-81)\n\n - It is possible to circumvent the fix for CVE-2010-0179.\n (MFSA 2010-82)\n \n - It is possible to spoof SSL in the location bar using\n the network error page. (MFSA 2010-83)\n\n - A cross-site scripting hazard exists in multiple\n character encodings. (MFSA 2010-84)\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?de9e67fa\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-74/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-75/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-76/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-77/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-78/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-79/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-80/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-81/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-82/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-83/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-84/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4c81664e\");\n\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Firefox 3.6.13 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\"); \n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'3.6.13', min:'3.6', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:41", "references": ["https://rhn.redhat.com/errata/RHSA-2010-0966.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.6.13-3.el4.centos", "packageFilename": "firefox-3.6.13-3.el4.centos.src.rpm", "packageName": "firefox", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.6.13-3.el4.centos", "packageFilename": "firefox-3.6.13-3.el4.centos.src.rpm", "packageName": "firefox", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.6.13-3.el4.centos", "packageFilename": "firefox-3.6.13-3.el4.centos.x86_64.rpm", "packageName": "firefox", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.6.13-3.el4.centos", "packageFilename": "firefox-3.6.13-3.el4.centos.i386.rpm", "packageName": "firefox", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0966\n\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776,\nCVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website\nwith an object containing malicious JavaScript could cause Firefox to\nexecute that JavaScript with the privileges of the user running Firefox.\n(CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to\nFirefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use. (CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that\nwould result in the plug-in object having elevated privileges, allowing it\nto execute Java code with the privileges of the user running Firefox.\n(CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug\nadd-on was used. If a user visited a website containing malicious\nJavaScript while the Firebug add-on was enabled, it could cause Firefox to\nexecute arbitrary JavaScript with the privileges of the user running\nFirefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A\nmalicious website could trick a user into thinking they are visiting the\nsite reported by the location bar, when the page is actually content\ncontrolled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic,\nx-mac-farsi, and x-mac-hebrew character encodings. Certain characters were\nconverted to angle brackets when displayed. If server-side script filtering\nmissed these cases, it could result in Firefox executing JavaScript code\nwith the permissions of a different website. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.6.13. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.6.13, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017227.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017228.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0966.html", "edition": 1, "reporter": "CentOS Project", "published": "2011-01-27T03:53:21", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "firefox security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2011-01-27T03:54:21", "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/017227.html", "id": "CESA-2010:0966", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:19", "references": ["http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B", "https://rhn.redhat.com/errata/RHSA-2010-0968.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4.centos", "arch": "x86_64", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.centos.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4.centos", "arch": "i386", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.centos.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4.centos", "arch": "any", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4.centos", "arch": "any", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.centos.src.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0968\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content. HTML\ncontaining malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2010-3767, CVE-2010-3772, CVE-2010-3776)\n\nNote: JavaScript support is disabled by default in Thunderbird. The above\nissues are not exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017231.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017232.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0968.html", "edition": 1, "reporter": "CentOS Project", "published": "2011-01-27T03:58:08", "title": "thunderbird security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3776", "CVE-2010-3767"], "modified": "2011-01-27T03:58:34", "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/017231.html", "id": "CESA-2010:0968", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:40", "references": ["http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B", "https://rhn.redhat.com/errata/RHSA-2010-0967.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-mail-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey-mail", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-1.0.9-66.el4.centos.src.rpm", "packageName": "seamonkey", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-1.0.9-66.el4.centos.src.rpm", "packageName": "seamonkey", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-devel-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey-dom-inspector", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-js-debugger-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey-js-debugger", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-js-debugger-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey-js-debugger", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-chat-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey-chat", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey-dom-inspector", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-chat-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey-chat", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-mail-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey-mail", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-devel-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey-devel", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0967\n\n\nSeaMonkey is an open source web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nSeaMonkey. (CVE-2010-3767, CVE-2010-3772, CVE-2010-3776)\n\nA flaw was found in the way SeaMonkey loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that\nwould result in the plug-in object having elevated privileges, allowing it\nto execute Java code with the privileges of the user running SeaMonkey.\n(CVE-2010-3775)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017229.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017230.html\n\n**Affected packages:**\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0967.html", "edition": 1, "reporter": "CentOS Project", "published": "2011-01-27T03:55:30", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "seamonkey security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767"], "modified": "2011-01-27T03:56:08", "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/017229.html", "id": "CESA-2010:0967", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:38", "references": ["https://rhn.redhat.com/errata/RHSA-2010-0332.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.19-1.el4.centos", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-3.0.19-1.el4.centos.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.19-1.el4.centos", "arch": "any", "packageName": "firefox", "packageFilename": "firefox-3.0.19-1.el4.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.19-1.el4.centos", "arch": "any", "packageName": "firefox", "packageFilename": "firefox-3.0.19-1.el4.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.19-1.el4.centos", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-3.0.19-1.el4.centos.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0332\n\n\nMozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral use-after-free flaws were found in Firefox. Visiting a web page\ncontaining malicious content could result in Firefox executing arbitrary\ncode with the privileges of the user running Firefox. (CVE-2010-0175,\nCVE-2010-0176, CVE-2010-0177)\n\nA flaw was found in Firefox that could allow an applet to generate a drag\nand drop action from a mouse click. Such an action could be used to execute\narbitrary JavaScript with the privileges of the user running Firefox.\n(CVE-2010-0178)\n\nA privilege escalation flaw was found in Firefox when the Firebug add-on is\nin use. The XMLHttpRequestSpy module in the Firebug add-on exposes a Chrome\nprivilege escalation flaw that could be used to execute arbitrary\nJavaScript with the privileges of the user running Firefox. (CVE-2010-0179)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-0174)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.19. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.19, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-April/016623.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-April/016624.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0332.html", "edition": 1, "reporter": "CentOS Project", "published": "2010-04-06T22:01:59", "title": "firefox security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0176", "CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0178", "CVE-2010-0177", "CVE-2010-0179"], "modified": "2010-04-06T22:04:29", "href": "http://lists.centos.org/pipermail/centos-announce/2010-April/016623.html", "id": "CESA-2010:0332", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:45", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3767", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3775", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3778", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3773", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3770", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3774", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3768", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3771", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3776", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3772", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3766"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.10.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.8.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "1.9.1.16+build2+nobinonly-0ubuntu0.9.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.9.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.5", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.10.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "abrowser", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "abrowser", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.2", "operator": "lt"}], "description": "Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3776, CVE-2010-3777, CVE-2010-3778)\n\nIt was discovered that Firefox did not properly verify the about:blank location elements when it was opened via window.open(). An attacker could exploit this to run arbitrary code with chrome privileges. (CVE-2010-3771)\n\nIt was discovered that Firefox did not properly handle &lt;div&gt; elements when processing a XUL tree. If a user were tricked into opening a malicious web page, an attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3772)\n\nMarc Schoenefeld and Christoph Diehl discovered several problems when handling downloadable fonts. The new OTS font sanitizing library was added to mitigate these issues. (CVE-2010-3768)\n\nGregory Fleischer discovered that the Java LiveConnect script could be made to run in the wrong security context. An attacker could exploit this to read local files and run arbitrary code as the user invoking the program. (CVE-2010-3775)\n\nSeveral problems were discovered in the JavaScript engine. If a user were tricked into opening a malicious web page, an attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3773)\n\nMichal Zalewski discovered that Firefox did not always properly handle displaying pages from network or certificate errors. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-3774)\n\nYosuke Hasegawa and Masatoshi Kimura discovered that several character encodings would have some characters converted to angle brackets. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-3770)", "edition": 3, "reporter": "Ubuntu", "published": "2010-12-09T00:00:00", "title": "Firefox and Xulrunner vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2010-12-09T00:00:00", "id": "USN-1019-1", "href": "https://usn.ubuntu.com/1019-1/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:42", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3778", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3768", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3776"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "3.1.7+build3+nobinonly-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "3.1.7+build3+nobinonly-0ubuntu0.10.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}], "description": "Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash THunderbird or possibly run arbitrary code as the user invoking the program. (CVE-2010-3776, CVE-2010-3777, CVE-2010-3778)\n\nMarc Schoenefeld and Christoph Diehl discovered several problems when handling downloadable fonts. The new OTS font sanitizing library was added to mitigate these issues. (CVE-2010-3768)", "edition": 3, "reporter": "Ubuntu", "published": "2010-12-09T00:00:00", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3768", "CVE-2010-3776"], "modified": "2010-12-09T00:00:00", "id": "USN-1020-1", "href": "https://usn.ubuntu.com/1020-1/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:23", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0179", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0175", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0177", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0178", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0176", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0174"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "3.0.19+nobinonly-0ubuntu0.9.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "abrowser", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "3.0.19+nobinonly-0ubuntu0.8.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "3.0.19+nobinonly-0ubuntu0.8.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "3.0.19+nobinonly-0ubuntu0.9.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "1.9.0.19+nobinonly-0ubuntu0.9.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "3.0.19+nobinonly-0ubuntu0.8.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "abrowser", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "1.9.0.19+nobinonly-0ubuntu0.8.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "1.9.0.19+nobinonly-0ubuntu0.8.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9", "operator": "lt"}], "description": "Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0174)\n\nIt was discovered that Firefox could be made to access previously freed memory. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0175, CVE-2010-0176, CVE-2010-0177)\n\nPaul Stone discovered that Firefox could be made to change a mouse click into a drag and drop event. If the user could be tricked into performing this action twice on a crafted website, an attacker could execute arbitrary JavaScript with chrome privileges. (CVE-2010-0178)\n\nIt was discovered that the XMLHttpRequestSpy module as used by the Firebug add-on could be used to escalate privileges within the browser. If the user had the Firebug add-on installed and were tricked into viewing a malicious website, an attacker could potentially run arbitrary JavaScript. (CVE-2010-0179)", "edition": 3, "reporter": "Ubuntu", "published": "2010-04-09T00:00:00", "title": "Firefox 3.0 and Xulrunner vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0176", "CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0178", "CVE-2010-0177", "CVE-2010-0179"], "modified": "2010-04-09T00:00:00", "id": "USN-920-1", "href": "https://usn.ubuntu.com/920-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:08", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0179", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0175", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0173", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0177", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0178", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0176", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0174", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0182", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0181"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "3.5.9+nobinonly-0ubuntu0.9.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.5", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "1.9.1.9+nobinonly-0ubuntu0.9.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.1", "operator": "lt"}], "description": "Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0173, CVE-2010-0174)\n\nIt was discovered that Firefox could be made to access previously freed memory. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0175, CVE-2010-0176, CVE-2010-0177)\n\nPaul Stone discovered that Firefox could be made to change a mouse click into a drag and drop event. If the user could be tricked into performing this action twice on a crafted website, an attacker could execute arbitrary JavaScript with chrome privileges. (CVE-2010-0178)\n\nIt was discovered that the XMLHttpRequestSpy module as used by the Firebug add-on could be used to escalate privileges within the browser. If the user had the Firebug add-on installed and were tricked into viewing a malicious website, an attacker could potentially run arbitrary JavaScript. (CVE-2010-0179)\n\nHenry Sudhof discovered that an image tag could be used as a redirect to a mailto: URL to launch an external mail handler. (CVE-2010-0181)\n\nWladimir Palant discovered that Firefox did not always perform security checks on XML content. An attacker could exploit this to bypass security policies to load certain resources. (CVE-2010-0182)", "edition": 3, "reporter": "Ubuntu", "published": "2010-04-09T00:00:00", "title": "Firefox 3.5 and Xulrunner vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0176", "CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0173", "CVE-2010-0178", "CVE-2010-0177", "CVE-2010-0182", "CVE-2010-0181", "CVE-2010-0179"], "modified": "2010-04-09T00:00:00", "id": "USN-921-1", "href": "https://usn.ubuntu.com/921-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:39:34", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "i386", "packageFilename": "firefox-3.6.13-2.0.1.el5.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "i386", "packageFilename": "firefox-3.6.13-2.0.1.el5.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "i386", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.i386.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "i386", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.i386.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.6.13-2.0.1.el6_0", "arch": "x86_64", "packageFilename": "firefox-3.6.13-2.0.1.el6_0.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "i686", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el6_0.i686.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "i686", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el6_0.i686.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "src", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "src", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "src", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "i686", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el6_0.i686.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "i686", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el6_0.i686.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "x86_64", "packageFilename": "firefox-3.6.13-2.0.1.el5.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "x86_64", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el6_0.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "src", "packageFilename": "firefox-3.6.13-3.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "src", "packageFilename": "firefox-3.6.13-3.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "src", "packageFilename": "firefox-3.6.13-3.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "x86_64", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el6_0.x86_64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "ia64", "packageFilename": "firefox-3.6.13-2.0.1.el5.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "x86_64", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el5.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "i386", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el5.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "i386", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el5.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "ia64", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.ia64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "x86_64", "packageFilename": "firefox-3.6.13-3.0.1.el4.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "src", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el6_0.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "src", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el6_0.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "i386", "packageFilename": "firefox-3.6.13-3.0.1.el4.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.6.13-2.0.1.el6_0", "arch": "i686", "packageFilename": "firefox-3.6.13-2.0.1.el6_0.i686.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "src", "packageFilename": "firefox-3.6.13-2.0.1.el5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "src", "packageFilename": "firefox-3.6.13-2.0.1.el5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "src", "packageFilename": "firefox-3.6.13-2.0.1.el5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.6.13-2.0.1.el6_0", "arch": "src", "packageFilename": "firefox-3.6.13-2.0.1.el6_0.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.6.13-2.0.1.el6_0", "arch": "src", "packageFilename": "firefox-3.6.13-2.0.1.el6_0.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "x86_64", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.x86_64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "ia64", "packageFilename": "firefox-3.6.13-3.0.1.el4.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "ia64", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el5.ia64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}], "description": " \nfirefox:\r\n \n[3.6.13-1.0.1.el6_0]\r\n- Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js\r\n [bugz 11762]\r\n \n[3.6.13-2]\r\n- Update to 3.6.13 build3\r\n \n[3.6.13-1]\r\n- Update to 3.6.13\r\n \n[3.6.12-1]\r\n- Update to 3.6.12\r\n \n[3.6.11-1]\r\n- Update to 3.6.11\r\n \nxulrunner:\r\n \n[1.9.2.13-3.0.1.el6_0]\r\n- Added xulrunner-oracle-default-prefs.js and removed the corresponding\r\n RedHat one. Bug#11487\r\n \n[1.9.2.13-3]\r\n- Update to 1.9.2.13 build3\r\n \n[1.9.2.13-2]\r\n- Update to 1.9.2.13 build2\r\n \n[1.9.2.13-1]\r\n- Update to 1.9.2.13\r\n \n[1.9.2.12-1]\r\n- Update to 1.9.2.12\r\n \n[1.9.2.11-1]\r\n- Update to 1.9.2.1", "edition": 3, "reporter": "Oracle", "published": "2010-12-10T00:00:00", "title": "firefox security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2010-12-10T00:00:00", "id": "ELSA-2010-0966", "href": "http://linux.oracle.com/errata/ELSA-2010-0966.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:42:10", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-devel-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-js-debugger-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-mail-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-devel-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-mail-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "src", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.src.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "src", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.src.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "src", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.src.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-chat-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey-chat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-js-debugger-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-devel-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-js-debugger-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-mail-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-chat-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey-chat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-chat-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey-chat", "operator": "lt"}], "description": "[1.0.9-66.0.1.el4_8]\n- Add mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html\n and remove corresponding RedHat ones\n[1.0.9-66.el4]\n- Added fixes from 1.9.1.16", "edition": 3, "reporter": "Oracle", "published": "2010-12-10T00:00:00", "title": "seamonkey security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767"], "modified": "2010-12-10T00:00:00", "id": "ELSA-2010-0967", "href": "http://linux.oracle.com/errata/ELSA-2010-0967.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:46:09", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "x86_64", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.x86_64.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "ia64", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.ia64.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "i386", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.i386.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "src", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "src", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "src", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.src.rpm", "packageName": "thunderbird", "operator": "lt"}], "description": "[1.5.0.12-34.0.1.el4]\n- Add thunderbird-oracle-default-prefs.js for errata rebuild and remove\n thunderbird-redhat-default-prefs.js\n Replaced clean.gif in tarball\n[1.5.0.12-34]\n- Added fixes from 1.9.1.16", "edition": 3, "reporter": "Oracle", "published": "2010-12-10T00:00:00", "title": "thunderbird security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3776", "CVE-2010-3767"], "modified": "2010-12-10T00:00:00", "id": "ELSA-2010-0968", "href": "http://linux.oracle.com/errata/ELSA-2010-0968.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:47:33", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.1.7-3.0.1.el6_0", "arch": "i686", "packageFilename": "thunderbird-3.1.7-3.0.1.el6_0.i686.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.1.7-3.0.1.el6_0", "arch": "src", "packageFilename": "thunderbird-3.1.7-3.0.1.el6_0.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.1.7-3.0.1.el6_0", "arch": "src", "packageFilename": "thunderbird-3.1.7-3.0.1.el6_0.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.1.7-3.0.1.el6_0", "arch": "x86_64", "packageFilename": "thunderbird-3.1.7-3.0.1.el6_0.x86_64.rpm", "packageName": "thunderbird", "operator": "lt"}], "description": "[3.1.7-3.0.1.el6]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[3.1.7-3]\n- Update to 3.1.7 build3\n[3.1.7-2]\n- Update to 3.1.7 build2\n[3.1.7-1]\n- Update to 3.1.7\n[3.1.6-1]\n- Update to 3.1.6\n[3.1.5-1]\n- Update to 3.1.5", "edition": 3, "reporter": "Oracle", "published": "2011-02-10T00:00:00", "title": "thunderbird security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3777", "CVE-2010-3768", "CVE-2010-3776"], "modified": "2011-02-10T00:00:00", "id": "ELSA-2010-0969", "href": "http://linux.oracle.com/errata/ELSA-2010-0969.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:48:47", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "ia64", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "i386", "packageFilename": "firefox-3.0.19-1.0.1.el4.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "ia64", "packageFilename": "xulrunner-devel-1.9.0.19-1.0.1.el5_5.ia64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "x86_64", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.x86_64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "ia64", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.ia64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "ia64", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.0.1.el5_5.ia64.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "xulrunner-devel-1.9.0.19-1.0.1.el5_5.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "xulrunner-devel-1.9.0.19-1.0.1.el5_5.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "x86_64", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.0.1.el5_5.x86_64.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "x86_64", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "ia64", "packageFilename": "firefox-3.0.19-1.0.1.el4.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "x86_64", "packageFilename": "xulrunner-devel-1.9.0.19-1.0.1.el5_5.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.0.1.el5_5.i386.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "x86_64", "packageFilename": "firefox-3.0.19-1.0.1.el4.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.i386.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.i386.rpm", "packageName": "xulrunner", "operator": "lt"}], "description": "firefox:\r\n \n[3.0.19-1.0.1.el5_5]\r\n- Update firstrun and homepage URLs in specfile\r\n- Added patch oracle-firefox-branding.patch\r\n- Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html\r\n and removed the corresponding RedHat ones\r\n \n[3.0.19-1]\r\n- Update to 3.0.19\r\n \nxulrunner:\r\n \n[1.9.0.19-1.0.1.el5_5]\r\n- Added xulrunner-oracle-default-prefs.js and removed the corresponding\r\n RedHat one.\r\n \n[1.9.0.19-1]\r\n- Update to 1.9.0.19", "edition": 3, "reporter": "Oracle", "published": "2010-03-31T00:00:00", "title": "firefox security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0176", "CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0178", "CVE-2010-0177", "CVE-2010-0179"], "modified": "2010-03-31T00:00:00", "id": "ELSA-2010-0332", "href": "http://linux.oracle.com/errata/ELSA-2010-0332.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:20", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "6", "packageVersion": "(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1", "arch": "all", "packageFilename": "iceweasel-dbg_(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1_all.deb", "packageName": "iceweasel-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1", "arch": "all", "packageFilename": "libmozjs2d_(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1_all.deb", "packageName": "libmozjs2d", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1", "arch": "all", "packageFilename": "xulrunner-dev_(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1_all.deb", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "iceweasel_1.9.0.19-7_all.deb", "packageName": "iceweasel", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1", "arch": "all", "packageFilename": "xulrunner-1.9.1-dbg_(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1_all.deb", "packageName": "xulrunner-1.9.1-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "iceweasel-dbg_1.9.0.19-7_all.deb", "packageName": "iceweasel-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1", "arch": "all", "packageFilename": "iceweasel_(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1_all.deb", "packageName": "iceweasel", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1", "arch": "all", "packageFilename": "spidermonkey-bin_(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1_all.deb", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1", "arch": "all", "packageFilename": "libmozjs2d-dbg_(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1_all.deb", "packageName": "libmozjs2d-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1", "arch": "all", "packageFilename": "xulrunner-1.9.1_(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1_all.deb", "packageName": "xulrunner-1.9.1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "iceweasel-gnome-support_1.9.0.19-7_all.deb", "packageName": "iceweasel-gnome-support", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1", "arch": "all", "packageFilename": "libmozjs-dev_(squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1_all.deb", "packageName": "libmozjs-dev", "operator": "lt"}], "description": "Mike Hommey uploaded new packages for iceweasel which fixed the\nfollowing security problems:\n\nCVE-2010-3776\n Multiple unspecified vulnerabilities in the browser engine in Mozilla\n Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before\n 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow\n remote attackers to cause a denial of service (memory corruption and\n application crash) or possibly execute arbitrary code via unknown\n vectors.\nCVE-2010-3778\n Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16,\n Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote\n attackers to cause a denial of service (memory corruption and\n application crash) or possibly execute arbitrary code via unknown\n vectors.\nCVE-2010-3769\n The line-breaking implementation in Mozilla Firefox before 3.5.16 and\n 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7,\n and SeaMonkey before 2.0.11 on Windows does not properly handle long\n strings, which allows remote attackers to execute arbitrary code via a\n crafted document.write call that triggers a buffer over-read.\nCVE-2010-3771\n Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey\n before 2.0.11, does not properly handle injection of an ISINDEX\n element into an about:blank page, which allows remote attackers to\n execute arbitrary JavaScript code with chrome privileges via vectors\n related to redirection to a chrome: URI.\nCVE-2010-3772\n Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey\n before 2.0.11, does not properly calculate index values for certain\n child content in a XUL tree, which allows remote attackers to execute\n arbitrary code via vectors involving a DIV element within a\n treechildren element.\nCVE-2010-3768\n Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird\n before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do\n not properly validate downloadable fonts before use within an\n operating system&#x27;s font implementation, which allows remote attackers\n to execute arbitrary code via vectors related to @font-face Cascading\n Style Sheets (CSS) rules.\nCVE-2010-3775\n Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey\n before 2.0.11, does not properly handle certain redirections involving\n data: URLs and Java LiveConnect scripts, which allows remote attackers\n to start processes, read arbitrary local files, and establish network\n connections via vectors involving a refresh value in the http-equiv\n attribute of a META element.\nCVE-2010-3766\n Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and\n 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote\n attackers to execute arbitrary code via vectors involving a change to\n an nsDOMAttribute node.\nCVE-2010-3767\n Integer overflow in the NewIdArray function in Mozilla Firefox before\n 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows\n remote attackers to execute arbitrary code via a JavaScript array with\n many elements.\nCVE-2010-3773\n Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey\n before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on\n is used, does not properly handle interaction between the\n XMLHttpRequestSpy object and chrome privileged objects, which allows\n remote attackers to execute arbitrary JavaScript via a crafted HTTP\n response. NOTE: this vulnerability exists because of an incomplete fix\n for CVE-2010-0179.\nCVE-2010-3774\n The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h\n in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and\n SeaMonkey before 2.0.11, does not properly handle (1) about:neterror\n and (2) about:certerror pages, which allows remote attackers to spoof\n the location bar via a crafted web site.\nCVE-2010-3770\n Multiple cross-site scripting (XSS) vulnerabilities in the rendering\n engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and\n SeaMonkey before 2.0.11, allow remote attackers to inject arbitrary\n web script or HTML via (1) x-mac-arabic, (2) x-mac-farsi, or (3)\n x-mac-hebrew characters.\n\nFor the lenny-backports distribution the problems have been fixed in\nversion 3.5.16-3~bpo50+1.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.9.0.19-7.\n\nFor the upcoming stable version (squeeze) and the unstable distribution\n(sid), these problems have been fixed in version 3.5.15-1.\n\nFor the experimental distribution, these problems have been fixed in\nversion 3.6.13-1.\n\nUpgrade instructions\n--------------------\n\nIf you don&#x27;t use pinning (see [1]) you have to update the package\nmanually via &quot;apt-get -t lenny-backports install &lt;packagelist&gt;&quot; with\nthe packagelist of your installed packages affected by this update.\n[1] &lt;http://backports.debian.org/Instructions&gt;\n\nWe recommend to pin (in /etc/apt/preferences) the backports repository to\n200 so that new versions of installed backports will be installed\nautomatically. \n\n Package: *\n Pin: release a=lenny-backports\n Pin-Priority: 200\n\n", "edition": 1, "reporter": "Debian", "published": "2011-01-03T06:30:25", "title": "[BSA-013] Security Update for iceweasel", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:20", "vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2011-01-03T06:30:25", "id": "DEBIAN:BSA-013:BDF29", "href": "https://lists.debian.org/debian-backports-announce/2011/debian-backports-announce-201101/msg00000.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:15:04", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "xulrunner-dev_1.9.0.19-7_all.deb", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "libmozjs-dev_1.9.0.19-7_all.deb", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "libmozjs1d_1.9.0.19-7_all.deb", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "libmozillainterfaces-java_1.9.0.19-7_all.deb", "packageName": "libmozillainterfaces-java", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_all.deb", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "xulrunner_1.9.0.19-7_all.deb", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "xulrunner-1.9_1.9.0.19-7_all.deb", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "spidermonkey-bin_1.9.0.19-7_all.deb", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_all.deb", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "python-xpcom_1.9.0.19-7_all.deb", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "arch": "all", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_all.deb", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2132-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nDecember 11, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : xulrunner\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2010-3776 CVE-2010-3778 CVE-2010-3769 CVE-2010-3771 CVE-2010-3772 CVE-2010-3775 CVE-2010-3767 CVE-2010-3773 CVE-2010-3770\n\nSeveral remote vulnerabilities have been discovered in Xulrunner, a\nruntime environment for XUL applications. The Common Vulnerabilities\nand Exposures project identifies the following problems:\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.9.0.19-7.\n\nFor the upcoming stable version (squeeze) and the unstable\ndistribution (sid), these problems have been fixed in version 3.5.15-1.\n\nFor the experimental distribution, these problems have been fixed in \nversion 3.6.13-1.\n\nWe recommend that you upgrade your xulrunner packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-7.dsc\n Size/MD5 checksum: 2395 644970f97799b0cedf925a2c8303f2e8\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-7.diff.gz\n Size/MD5 checksum: 192334 56a4a1a9b083b7cd92b29cd11a015e79\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz\n Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-7_all.deb\n Size/MD5 checksum: 1468538 408e0dba665407318563c9ace335f887\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_alpha.deb\n Size/MD5 checksum: 223280 178397115d1162385892d626fe792b24\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_alpha.deb\n Size/MD5 checksum: 9511894 7db4e68bf006563fc76e5d7ef7cc1f35\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_alpha.deb\n Size/MD5 checksum: 51220414 46e2eb53a8450dc6b09ab2c04e46c393\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_alpha.deb\n Size/MD5 checksum: 434238 8b7075f8a39aa75c39b119e0d3d135dc\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_alpha.deb\n Size/MD5 checksum: 165054 5022695ffeb82bc7e38e229a578e586e\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_alpha.deb\n Size/MD5 checksum: 72976 f7b15c4573ea75fe83fd6398f8a6b1d7\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_alpha.deb\n Size/MD5 checksum: 939744 19dd61fd1ad9d23add66faab4720c3c8\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_alpha.deb\n Size/MD5 checksum: 3658850 51980c9c9cf575d4af59a5e2033f6b1d\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_alpha.deb\n Size/MD5 checksum: 113776 700edb5b7b4778ce0b43eeff702bf4ce\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_amd64.deb\n Size/MD5 checksum: 50471444 5c27a6ce1376234377e1327cece90e58\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_amd64.deb\n Size/MD5 checksum: 7736416 73c4297d3f7693eb75e1f52275968dd3\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_amd64.deb\n Size/MD5 checksum: 70642 62fa42480817a42b7c3186644e395adf\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_amd64.deb\n Size/MD5 checksum: 3300092 de7c05ebe980974b7f677d691675346e\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_amd64.deb\n Size/MD5 checksum: 153778 3095de264efc138f55a08932e5f633b2\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_amd64.deb\n Size/MD5 checksum: 375798 6076292260d0a0a21f426e205c2c8045\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_amd64.deb\n Size/MD5 checksum: 102292 3e2e5af63df8a9db1c898ef092edef7d\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_amd64.deb\n Size/MD5 checksum: 891538 b5851f59bc3c61fe0ff6a85b870477da\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_amd64.deb\n Size/MD5 checksum: 223652 45370096b9ad11d37126f9d4da5f2dfe\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_arm.deb\n Size/MD5 checksum: 84364 2b6ca89bc12cd2df1a1958638f2b6a19\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_arm.deb\n Size/MD5 checksum: 352324 d1f0a3422bbbbfdb05a68c703b333b7b\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_arm.deb\n Size/MD5 checksum: 818192 9631161a7acb39824b0d40270f2f828d\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_arm.deb\n Size/MD5 checksum: 224266 8f229b45f02deaf66d3c1ccacc125909\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_arm.deb\n Size/MD5 checksum: 3588414 b6de490be37c35b6a7201002a5dcd660\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_arm.deb\n Size/MD5 checksum: 6818158 ee9b933d0563218819922119bc39dec1\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_arm.deb\n Size/MD5 checksum: 49413206 1229357e1cb60d5db4261aa39e890fd6\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_arm.deb\n Size/MD5 checksum: 68732 8494bbd0306c67349fcda88b503d450d\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_arm.deb\n Size/MD5 checksum: 141954 483ea1908eca504f242bed3291765ef4\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_armel.deb\n Size/MD5 checksum: 85036 d3335128ed334f3213ccd984c58f5f69\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_armel.deb\n Size/MD5 checksum: 354000 d166273acc1e23dd740c39141e3fb4f8\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_armel.deb\n Size/MD5 checksum: 222498 c08938473e4ef23df0d40c297b20e2bb\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_armel.deb\n Size/MD5 checksum: 71090 69ce3831870708d27267013ae8c80340\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_armel.deb\n Size/MD5 checksum: 3574582 7955f9e31c6b183cfc68d239d1704fb0\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_armel.deb\n Size/MD5 checksum: 50257234 7600317a37eb2a9c37ccf80da8bf4e14\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_armel.deb\n Size/MD5 checksum: 6965756 075c79fa64ec01ebe4f1160a03292c48\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_armel.deb\n Size/MD5 checksum: 142408 9f293b106d5016f8c11528e28d25a5ff\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_armel.deb\n Size/MD5 checksum: 823738 95d47a4f7a80ceb3ad22b7bc9bc81955\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_hppa.deb\n Size/MD5 checksum: 900154 c6770f86eed7c45d9c33c925dfdc94d8\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_hppa.deb\n Size/MD5 checksum: 9529646 009b61d895b622466d5da74c3a932139\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_hppa.deb\n Size/MD5 checksum: 158980 3974546696e1141d708f70d31a25aaae\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_hppa.deb\n Size/MD5 checksum: 3636260 aa6c114be84f87b7f7e4c7fe8c9bac87\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_hppa.deb\n Size/MD5 checksum: 413824 fc7626c9d32c4b04f72db0ed20ed248f\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_hppa.deb\n Size/MD5 checksum: 72504 7553c6e4706eb91e04195a53ed0e72e7\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_hppa.deb\n Size/MD5 checksum: 107220 f4131ea49f0b186e669348a147256e88\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_hppa.deb\n Size/MD5 checksum: 223844 bdbac51475d12a6d7b815f36e4b5a7f6\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_hppa.deb\n Size/MD5 checksum: 51362540 f304719b21b97c096eb3daa8c40fa250\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_i386.deb\n Size/MD5 checksum: 352304 7bf93a593725507866080e137954d6ce\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_i386.deb\n Size/MD5 checksum: 3577326 00cc9e0a3ae8a399d02724a3a30f05fe\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_i386.deb\n Size/MD5 checksum: 143220 f5a60e3795974cbcd96a8617a70a005e\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_i386.deb\n Size/MD5 checksum: 6616834 a69896146e791431fdd263d992d0a3fb\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_i386.deb\n Size/MD5 checksum: 49624400 772fd8eadf485efaec614d2aebde2759\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_i386.deb\n Size/MD5 checksum: 852782 2e36eb0fbe5599aa30f85300c9ec7989\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_i386.deb\n Size/MD5 checksum: 79838 516419904db720a7b8ce729db0771a2c\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_i386.deb\n Size/MD5 checksum: 224708 df850c028a186cfead37b22d2bcdfcf8\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_i386.deb\n Size/MD5 checksum: 69212 a34d57b0412813c2c435292b1a9d09d6\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_ia64.deb\n Size/MD5 checksum: 77072 a5f3093605c728fcae801ec4a6a34fe8\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_ia64.deb\n Size/MD5 checksum: 811894 939a9193369d070f387ced4c3fa29618\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_ia64.deb\n Size/MD5 checksum: 223648 00ac511ec1f3922a1b20da88458c95a3\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_ia64.deb\n Size/MD5 checksum: 122012 a9c9fc88c16c919f4f0fd934797dfc57\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_ia64.deb\n Size/MD5 checksum: 11324750 4270a6d5f04f4bde1861d2c11e6a1d4b\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_ia64.deb\n Size/MD5 checksum: 3403204 92244edd7fa45fc2f8eefa7148ed94ba\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_ia64.deb\n Size/MD5 checksum: 180730 247a57cac4033af253b2f0ac66ce10d8\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_ia64.deb\n Size/MD5 checksum: 543054 7088c92cd15a9f21a3735f9a14641da3\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_ia64.deb\n Size/MD5 checksum: 49815268 5d41fce562553f411e23ad8da9af991c\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_mips.deb\n Size/MD5 checksum: 97596 aae76aafb1643a3e6892f35ff928acea\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_mips.deb\n Size/MD5 checksum: 223870 a7922622373346e883ab5e0c8f012781\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_mips.deb\n Size/MD5 checksum: 381098 b5f4975be234777fa92e8f0047b93091\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_mips.deb\n Size/MD5 checksum: 7680280 32b008f0bdfbc9082e02ef3d6e16e86a\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_mips.deb\n Size/MD5 checksum: 70542 f1440f582f5e83367e0a2e757c1429c2\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_mips.deb\n Size/MD5 checksum: 145450 6dcca30b995c0ad7cef8dcf8bb6a3ba5\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_mips.deb\n Size/MD5 checksum: 51981382 74d3bc5b26d0c6da3cef8506e56000b5\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_mips.deb\n Size/MD5 checksum: 3612158 f7565161666d9155be2dafd6a5066d7b\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_mips.deb\n Size/MD5 checksum: 917662 90b6acdf9fb6b104b4387b8489e3f14d\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_mipsel.deb\n Size/MD5 checksum: 97274 8932be2e001cab62cf2536b2ccc49160\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_mipsel.deb\n Size/MD5 checksum: 901536 a992d95b5fa5d61f51d0bf80f9708b01\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_mipsel.deb\n Size/MD5 checksum: 223648 a9200d880d63ac9f11e4e5142da504c3\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_mipsel.deb\n Size/MD5 checksum: 70434 c116043e0d1b3ca1aed17fab4e8b7074\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_mipsel.deb\n Size/MD5 checksum: 7391960 29f18c6167a22dddbf66dd734e763d7b\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_mipsel.deb\n Size/MD5 checksum: 379632 235a73f45e044901c03c9a0ba5bfd3ff\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_mipsel.deb\n Size/MD5 checksum: 145568 e15bbc03233b75b85120113551314247\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_mipsel.deb\n Size/MD5 checksum: 50093512 f8b364eb399f9e3fa0dd700403fe7e27\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_mipsel.deb\n Size/MD5 checksum: 3313754 568d31e6a1c83803f91ab8e7f8b21469\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_powerpc.deb\n Size/MD5 checksum: 95296 1f03682ec71fcc352a5f8c48647a451d\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_powerpc.deb\n Size/MD5 checksum: 73584 06a80a5c288d5342a48655795849e0e6\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_powerpc.deb\n Size/MD5 checksum: 888614 068e2fd4f17719fd9c3774f85737f3da\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_powerpc.deb\n Size/MD5 checksum: 152724 cfbb558bb75ed6615972c784acbb677d\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_powerpc.deb\n Size/MD5 checksum: 51526180 998b07a9dd6944ac545a4b8f8244c309\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_powerpc.deb\n Size/MD5 checksum: 223660 3fe5463aa6eff01330ee13ced216d9d0\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_powerpc.deb\n Size/MD5 checksum: 363274 0f80c4936242ccb79f2974be9b689bba\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_powerpc.deb\n Size/MD5 checksum: 3288188 3858b9e6e97cf9b549acdb425d94b538\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_powerpc.deb\n Size/MD5 checksum: 7292448 b3a02b207d499a2909177e7dc629b8d6\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_s390.deb\n Size/MD5 checksum: 223456 c0552ce6b2d73639db458f2739f4583b\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_s390.deb\n Size/MD5 checksum: 909980 04e9a175fae9182dae6ed3f7a71fe44e\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_s390.deb\n Size/MD5 checksum: 73756 357e968a6a23757c80d6eea737f76cbc\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_s390.deb\n Size/MD5 checksum: 8433674 a64377c8a4741bd8761d61999c427c7a\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_s390.deb\n Size/MD5 checksum: 105980 089cac8b869c1a02db977eb919f919a3\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_s390.deb\n Size/MD5 checksum: 51298252 af8eabc6439a5e4086ecdcd0412d3322\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_s390.deb\n Size/MD5 checksum: 407998 0028994a489adeea5e48192b8a6ae91f\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_s390.deb\n Size/MD5 checksum: 155662 08437d3d7bad0a64625ffb7552e6fe44\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_s390.deb\n Size/MD5 checksum: 3612610 62f361699599d1200db324a9144d2877\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-7_sparc.deb\n Size/MD5 checksum: 223486 37a29eaab1a2c534f5dc62f44b0a4236\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-7_sparc.deb\n Size/MD5 checksum: 144326 20c0f34db6494765a13656eac739619c\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-7_sparc.deb\n Size/MD5 checksum: 3587652 e3d2bc88b9050c27c8bf0399a6f52dbe\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-7_sparc.deb\n Size/MD5 checksum: 822702 625feb71bd53859a40d0b4f75dce9292\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-7_sparc.deb\n Size/MD5 checksum: 350920 668c1ccfd704b50e327857bc27086810\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-7_sparc.deb\n Size/MD5 checksum: 49490890 71a88412f9ba2817e5d6a405162a378d\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-7_sparc.deb\n Size/MD5 checksum: 70432 458f8b7f98a0d4cac45161c65d40a8b0\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-7_sparc.deb\n Size/MD5 checksum: 7185870 c8ad3b10261488a4026c54128154d726\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-7_sparc.deb\n Size/MD5 checksum: 84790 b9d86d92952c65d8a8249f39a3c6af41\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 1, "reporter": "Debian", "published": "2010-12-11T12:03:35", "title": "[SECURITY] [DSA 2132-1] New xulrunner packages fix several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:15:04", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3778", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770"], "modified": "2010-12-11T12:03:35", "id": "DEBIAN:DSA-2132-1:FA9AE", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00183.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:14:51", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "spidermonkey-bin_1.9.0.19-1_all.deb", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "libmozjs1d-dbg_1.9.0.19-1_all.deb", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "libmozillainterfaces-java_1.9.0.19-1_all.deb", "packageName": "libmozillainterfaces-java", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "python-xpcom_1.9.0.19-1_all.deb", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "libmozjs-dev_1.9.0.19-1_all.deb", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "xulrunner-dev_1.9.0.19-1_all.deb", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-1_all.deb", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "libmozjs1d_1.9.0.19-1_all.deb", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-1_all.deb", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "xulrunner_1.9.0.19-1_all.deb", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "arch": "all", "packageFilename": "xulrunner-1.9_1.9.0.19-1_all.deb", "packageName": "xulrunner-1.9", "operator": "lt"}], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2027-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nApril 03, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : xulrunner\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0179\n\nSeveral remote vulnerabilities have been discovered in Xulrunner, a \nruntime environment for XUL applications, such as the Iceweasel web\nbrowser. The Common Vulnerabilities and Exposures project identifies \nthe following problems:\n\nCVE-2010-0174\n\n Jesse Ruderman and Ehsan Akhgari discovered crashes in the layout\n engine, which might allow the execution of arbitrary code.\n\nCVE-2010-0175\n\n It was discovered that incorrect memory handling in the XUL event\n handler might allow the execution of arbitrary code.\n\nCVE-2010-0176\n\n It was discovered that incorrect memory handling in the XUL event\n handler might allow the execution of arbitrary code.\n\nCVE-2010-0177\n\n It was discovered that incorrect memory handling in the plugin code\n might allow the execution of arbitrary code.\n\nCVE-2010-0178\n\n Paul Stone discovered that forced drag-and-drop events could lead to\n Chrome privilege escalation.\n\nCVE-2010-0179\n\n It was discovered that a programming error in the XMLHttpRequestSpy\n module could lead to the execution of arbitrary code.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.9.0.19-1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your xulrunner packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz\n Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-1.diff.gz\n Size/MD5 checksum: 116550 6c9e415004f27291e49f84e90d1d0131\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-1.dsc\n Size/MD5 checksum: 1755 e04cb5b6bd5b8b7f9add59c8a806e3c8\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-1_all.deb\n Size/MD5 checksum: 1465282 ce022b6790d6e14f4b788c308653dab8\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-1_alpha.deb\n Size/MD5 checksum: 9484100 a782bd0ed837f3432c71a109dd98d045\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-1_alpha.deb\n Size/MD5 checksum: 223290 ecb8f397d3e6c7463b1c24c0a8ee3675\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-1_alpha.deb\n Size/MD5 checksum: 433032 7eec73671d538f485671874579557bc5\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-1_alpha.deb\n Size/MD5 checksum: 51124160 1a6dcf57c7d1185c6d95ea4d8bad1f12\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-1_alpha.deb\n Size/MD5 checksum: 165330 ee07c899e85d144a8f04ecb462e1c780\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-1_alpha.deb\n Size/MD5 checksum: 113322 ac5b08d50ccb70971bb42f44dd938eb3\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-1_alpha.deb\n Size/MD5 checksum: 3356812 f445e0ef422d18b9428ee8190810eb5f\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-1_alpha.deb\n Size/MD5 checksum: 72410 b6055fee3f283a3b4f299398d156a21a\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-1_alpha.deb\n Size/MD5 checksum: 940016 fc6778b3d408736e10d43b5f30d2469a\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-1_amd64.deb\n Size/MD5 checksum: 70096 59959a92c5cd12582b36000575b81b98\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-1_amd64.deb\n Size/MD5 checksum: 223180 7b656ca6976ca0bc5e5dac21a2566807\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-1_amd64.deb\n Size/MD5 checksum: 890448 643a3817476fd091dca841dfcefd4584\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-1_amd64.deb\n Size/MD5 checksum: 101702 96847a84ad24da47f98b4b332870c6bb\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-1_amd64.deb\n Size/MD5 checksum: 374384 85617766ed0a0ac960db1664b51f7891\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-1_amd64.deb\n Size/MD5 checksum: 152132 edcab736e161e97cf9738f43aecf2272\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-1_amd64.deb\n Size/MD5 checksum: 50350940 d38916e2024e9dc46dc40a30da643f2a\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-1_amd64.deb\n Size/MD5 checksum: 3290136 7b32902cd2a92a45a4b8f7163b684ad9\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-1_amd64.deb\n Size/MD5 checksum: 7730682 b4f1fc1f804898e1e6e787c1e826dfcf\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-1_arm.deb\n Size/MD5 checksum: 140840 9213b7e72b0a4089d5e9220a3c2d1c59\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-1_arm.deb\n Size/MD5 checksum: 815414 c2ecc249eaaf006274019578d9325467\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-1_arm.deb\n Size/MD5 checksum: 84082 5a539ed642fe58a23f7e36046d6880f7\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-1_arm.deb\n Size/MD5 checksum: 222238 67145776fd90e6218a1b75e6c6b7c3d9\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-1_arm.deb\n Size/MD5 checksum: 49312054 9aa19e14aacb0afaced2067f9923ea0b\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-1_arm.deb\n Size/MD5 checksum: 6798174 3706217040f237a960bc122fc7fee5dd\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-1_arm.deb\n Size/MD5 checksum: 350754 1d4d221f446d90b0d6e4b6b86f4fedbd\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-1_arm.deb\n Size/MD5 checksum: 3583612 899a0b80111ae54cf2f97ba747f7e90f\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-1_arm.deb\n Size/MD5 checksum: 68406 941ade1edf2e875e257b65334c85ad57\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-1_armel.deb\n Size/MD5 checksum: 84618 8b9e421b08f62fa826d4d4559d65657a\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-1_armel.deb\n Size/MD5 checksum: 353042 3ad84aaa456eef02cf30301ffcbcb331\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-1_armel.deb\n Size/MD5 checksum: 142304 a1d731a41a4c20089cdb96eeeb52b82c\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-1_armel.deb\n Size/MD5 checksum: 822678 6f6677d15e6995acc40b2a01867a8dff\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-1_armel.deb\n Size/MD5 checksum: 3583134 257b1b81c726f5e62968119519bbe0a6\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-1_armel.deb\n Size/MD5 checksum: 223240 c0c70b778f57a1fb6fa56a4d10a04757\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-1_armel.deb\n Size/MD5 checksum: 6959862 9484bbf6d85604dc0bbadb10f2205795\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-1_armel.deb\n Size/MD5 checksum: 70574 1ff9b320aa648dbeebf3558cdf33d266\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-1_armel.deb\n Size/MD5 checksum: 50147836 73702b83786ef3b8313edb56b29359f1\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-1_hppa.deb\n Size/MD5 checksum: 412450 a484d05bdf756bf3c4f11d47d7d9b0ae\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-1_hppa.deb\n Size/MD5 checksum: 223022 0d4a5aa91ed4938685cbc2dc946b1624\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-1_hppa.deb\n Size/MD5 checksum: 106090 ae7211d323ac2cf55efb86320d24f1d9\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-1_hppa.deb\n Size/MD5 checksum: 51231378 0a89533b5c3cb6b30f86fc9305ba3699\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-1_hppa.deb\n Size/MD5 checksum: 71534 b28b5e9086c3c714e41cb291caafb5e1\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-1_hppa.deb\n Size/MD5 checksum: 158976 00d4f5c739aad8069d677d83424e523e\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-1_hppa.deb\n Size/MD5 checksum: 898452 63b29a8fee489017233085ef111deff4\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-1_hppa.deb\n Size/MD5 checksum: 3623488 b11650685105902470f644985c3ee4fb\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-1_hppa.deb\n Size/MD5 checksum: 9517850 ef0a7bab2097c89458e1df4712bfe818\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-1_i386.deb\n Size/MD5 checksum: 68224 d79dbbd49ccd869fbb75ba6a6463e824\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-1_i386.deb\n Size/MD5 checksum: 140848 8a2c2187f946dcee05fcb6a8ea7b2348\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-1_i386.deb\n Size/MD5 checksum: 3569760 2fcc2fff9a8622c93849bcd52a95d66b\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-1_i386.deb\n Size/MD5 checksum: 851994 10cebc4ce2b519229be78e0cb5b6bf24\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-1_i386.deb\n Size/MD5 checksum: 350988 81024ae846f8ef96e317c2f9fc732420\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-1_i386.deb\n Size/MD5 checksum: 222056 206b45fc3245d48c117b09ff9cf90f3b\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-1_i386.deb\n Size/MD5 checksum: 82716 22d5b3764a6dcd3bc35b5577a5de7bc0\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-1_i386.deb\n Size/MD5 checksum: 49523498 54a2e4f0ed19be5b0978ace5a379cb26\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-1_i386.deb\n Size/MD5 checksum: 6604388 7b0276ee4f8bb91d7900af2b437aa15b\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-1_ia64.deb\n Size/MD5 checksum: 11307954 5f41a2e3292471699098a71dc7e07d86\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-1_ia64.deb\n Size/MD5 checksum: 223272 53b380b4a2206b8e08239317210490db\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-1_ia64.deb\n Size/MD5 checksum: 811282 b2bb56fb4744608c5a6d9adaa11ac956\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-1_ia64.deb\n Size/MD5 checksum: 121662 87ae39bfee9b50c9530d8b862d0ec8ab\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-1_ia64.deb\n Size/MD5 checksum: 542262 a490459aa56a72227d746771c7e4fd38\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-1_ia64.deb\n Size/MD5 checksum: 49705360 fbf406c88d94e9df58b20c3860368a2f\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-1_ia64.deb\n Size/MD5 checksum: 3399446 e35b0acdbbe8ea41549c5408b3c994e4\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-1_ia64.deb\n Size/MD5 checksum: 180336 94e52072a9edeefebb3639b78e0906b9\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-1_ia64.deb\n Size/MD5 checksum: 76664 2d9a7ae2827fb63f192a4a19b4b52dff\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-1_powerpc.deb\n Size/MD5 checksum: 3592586 55c062ecc411207bd989b0c90043e669\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-1_powerpc.deb\n Size/MD5 checksum: 152718 0588b69278fa88cc4e46ee06b556b0c1\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-1_powerpc.deb\n Size/MD5 checksum: 363498 8f3cf54da3915e67381812b1b6443dd1\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-1_powerpc.deb\n Size/MD5 checksum: 888474 0ef63edd8c0adbe499bd669910e1e801\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-1_powerpc.deb\n Size/MD5 checksum: 94508 96f25e720c7fd9afef7b5f6307c7ce2c\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-1_powerpc.deb\n Size/MD5 checksum: 7305390 3fb096941c22e896f65de9d05feab1e5\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-1_powerpc.deb\n Size/MD5 checksum: 51430576 13d14a97056d060ef434c2371396b7eb\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-1_powerpc.deb\n Size/MD5 checksum: 73504 94ef4eceab50e6bc4189abee7b5a4e02\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-1_powerpc.deb\n Size/MD5 checksum: 223302 3129fdf4c4ac144ea9dd2eac197b810a\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-1_sparc.deb\n Size/MD5 checksum: 49375616 86a3efe68f31cd50c54cd732d1969869\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-1_sparc.deb\n Size/MD5 checksum: 69526 9b077b92e08e5c424d3dda70bf9e0221\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-1_sparc.deb\n Size/MD5 checksum: 350202 9add4dc2667d1e66bfcecf3c51b20446\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-1_sparc.deb\n Size/MD5 checksum: 143276 90f5793e4ef8289563a2aa0412d8f1f3\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-1_sparc.deb\n Size/MD5 checksum: 821462 70e73a7be0077bea49846ef049ec1a14\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-1_sparc.deb\n Size/MD5 checksum: 7173522 752cec72a8bc6f013a0e5ae4798fb9fa\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-1_sparc.deb\n Size/MD5 checksum: 88382 b0abf523058087e5f96d9acf0a8adb07\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-1_sparc.deb\n Size/MD5 checksum: 222434 42ac86dea6c9bfbb986192440b6cf936\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-1_sparc.deb\n Size/MD5 checksum: 3569660 af4abe4b40d62e158ee09c4e6c908720\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 1, "reporter": "Debian", "published": "2010-04-03T17:50:39", "title": "[SECURITY] [DSA 2027-1] New xulrunner packages fix several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:51", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0176", "CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0178", "CVE-2010-0177", "CVE-2010-0179"], "modified": "2010-04-03T17:50:39", "id": "DEBIAN:DSA-2027-1:5873C", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00067.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:17", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-84.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-76.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-80.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-82.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-79.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-77.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-83.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-74.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-81.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-75.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-78.html"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.5.16", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-firefox-devel", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.6.13,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-firefox", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.0.11", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "seamonkey", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.1.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-thunderbird", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.6.13,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-thunderbird", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.0", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.0.11", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.0.11", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-seamonkey", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.9.2.13", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxul", "operator": "lt"}], "description": "\nThe Mozilla Project reports:\n\nMFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)\nMFSA 2010-75 Buffer overflow while line breaking after document.write with long string\nMFSA 2010-76 Chrome privilege escalation with window.open and isindex element\nMFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree\nMFSA 2010-78 Add support for OTS font sanitizer\nMFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL meta refresh\nMFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver\nMFSA 2010-81 Integer overflow vulnerability in NewIdArray\nMFSA 2010-82 Incomplete fix for CVE-2010-0179\nMFSA 2010-83 Location bar SSL spoofing using network error page\nMFSA 2010-84 XSS hazard in multiple character encodings\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2010-12-09T00:00:00", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2010-12-09T00:00:00", "id": "1D8FF4A2-0445-11E0-8E32-000F20797EDE", "href": "https://vuxml.freebsd.org/freebsd/1d8ff4a2-0445-11e0-8e32-000f20797ede.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:39", "references": ["https://vulners.com/securityvulns/securityvulns:doc:25264", "https://vulners.com/securityvulns/securityvulns:doc:25265", "https://vulners.com/securityvulns/securityvulns:doc:25270", "https://vulners.com/securityvulns/securityvulns:doc:25263", "https://vulners.com/securityvulns/securityvulns:doc:25273", "https://vulners.com/securityvulns/securityvulns:doc:25271", "https://vulners.com/securityvulns/securityvulns:doc:25274", "https://vulners.com/securityvulns/securityvulns:doc:25268", "https://vulners.com/securityvulns/securityvulns:doc:25267", "https://vulners.com/securityvulns/securityvulns:doc:25272", "https://vulners.com/securityvulns/securityvulns:doc:25266", "https://vulners.com/securityvulns/securityvulns:doc:25269"], "description": "Multiple memory corruptions, buffer overflows, vode execution protection bypass, privilege escalation, etc.", "edition": 1, "reporter": "BUGTRAQ", "published": "2010-12-10T00:00:00", "title": "Mozilla Firefox / Thinderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:39", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "3.6", "operator": "eq"}, {"name": "SeaMonkey", "version": "2.0", "operator": "eq"}, {"name": "Thunderbird", "version": "3.0", "operator": "eq"}, {"name": "Thunderbird", "version": "3.1", "operator": "eq"}, {"name": "Firefox", "version": "3.5", "operator": "eq"}], "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:VULN:11286", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11286", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-82\r\n\r\nTitle: Incomplete fix for CVE-2010-0179\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: moz_bug_r_a4\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nMozilla security researcher moz_bug_r_a4 reported that the fix for CVE-2010-0179 could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=554449\r\n * CVE-2010-3773\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-82", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3773", "CVE-2010-0179"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25271", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25271", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-74\r\n\r\nTitle: Miscellaneous memory safety hazards &#40;rv:1.9.2.13/ 1.9.1.16&#41;\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: Mozilla developers and community\r\nProducts: Firefox, Thunderbird, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n Thunderbird 3.1.7\r\n Thunderbird 3.0.11\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nMozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.\r\nReferences\r\n\r\nJesee Ruderman, Andreas Gal, Nils, and Brian Hackett reported memory safety problems that affected Firefox 3.6 and Firefox 3.5.\r\n\r\n * Memory safety bugs - Firefox 3.6, Firefox 3.5\r\n * CVE-2010-3776\r\n\r\nIgor Bukanov reported a memory safety problem that was fixed in Firefox 3.6 only.\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=599607\r\n * CVE-2010-3777\r\n\r\nJesse Ruderman reported a crash which affected Firefox 3.5 only.\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=411835\r\n * CVE-2010-3778\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-74", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 10.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3776"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25263", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25263", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-80\r\n\r\nTitle: Use-after-free error with nsDOMAttribute MutationObserver\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: regenrecht\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nSecurity researcher regenrecht reported via TippingPoint&#39;s Zero Day Initiative that a nsDOMAttribute node can be modified without informing the iterator object responsible for various DOM traversals. This flaw could lead to a inconsistent state where the iterator points to an object it believes is part of the DOM but actually points to some other object. If such an object had been deleted and its memory reclaimed by the system, then the iterator could be used to call into attacker-controlled memory.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=590771\r\n * CVE-2010-3766\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-80", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3766"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25269", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25269", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-78\r\n\r\nTitle: Add support for OTS font sanitizer\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: Marc Schoenefeld, Christoph Diehl\r\nProducts: Firefox, Thunderbird, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n Thunderbird 3.1.7\r\n Thunderbird 3.0.11\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nMozilla added the OTS font sanitizing library to prevent downloadable fonts from exposing vulnerabilities in the underlying OS font code. This library mitigates against several issues independently reported by Red Hat Security Response Team member Marc Schoenefeld and Mozilla security researcher Christoph Diehl.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=527276\r\n * CVE-2010-3768\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-78", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3768"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25267", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25267", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-76\r\n\r\nTitle: Chrome privilege escalation with window.open and &lt;isindex&gt; element\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: echo\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nSecurity researcher echo reported that a web page could open a window with an about:blank location and then inject an &lt;isindex&gt; element into that page which upon submission would redirect to a chrome: document. The effect of this defect was that the original page would wind up with a reference to a chrome-privileged object, the opened window, which could be leveraged for privilege escalation attacks.\r\n\r\nMozilla security researcher moz_bug_r_a4 provided proof-of-concept code demonstrating how the above vulnerability could be used to run arbitrary code with chrome privileges.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=609437\r\n * CVE-2010-3771\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-76", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3771"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25265", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25265", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-83\r\n\r\nTitle: Location bar SSL spoofing using network error page\r\nImpact: High\r\nAnnounced: December 9, 2010\r\nReporter: Michal Zalewski\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nGoogle security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. An attacker could use this bug to spoof the location bar and trick a user into thinking they were on a different site than they actually were.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=602780\r\n * CVE-2010-3774\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-83", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 4.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3774"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25272", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25272", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-84\r\n\r\nTitle: XSS hazard in multiple character encodings\r\nImpact: Moderate\r\nAnnounced: December 9, 2010\r\nReporter: Yosuke Hasegawa, Masatoshi Kimura\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nSecurity researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Sites using these character encodings would thus be potentially vulnerable to script injection attacks if their script filtering code fails to strip out these specific characters.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=601429\r\n * CVE-2010-3770\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-84", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3770"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25273", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25273", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-77\r\n\r\nTitle: Crash and remote code execution using HTML tags inside a XUL tree\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: wushi\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nSecurity researcher wushi of team509 reported that when a XUL tree had an HTML &lt;div&gt; element nested inside a &lt;treechildren&gt; element then code attempting to display content in the XUL tree would incorrectly treat the &lt;div&gt; element as a parent node to tree content underneath it resulting in incorrect indexes being calculated for the child content. These incorrect indexes were used in subsequent array operations which resulted in writing data past the end of an allocated buffer. An attacker could use this issue to crash a victim&#39;s browser and run arbitrary code on their machine.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=594547\r\n * CVE-2010-3772\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-77", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3772"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25266", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25266", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-79\r\n\r\nTitle: Java security bypass from LiveConnect loaded via data: URL meta refresh\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: Gregory Fleischer\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nSecurity researcher Gregory Fleischer reported that when a Java LiveConnect script was loaded via a data: URL which redirects via a meta refresh, then the resulting plugin object was created with the wrong security principal and thus received elevated privileges such as the abilities to read local files, launch processes, and create network connections.\r\nReferences\r\n\r\n * Java LiveConnect bugs\r\n * CVE-2010-3775\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-79", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3775"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25268", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25268", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.securityfocus.com/bid/45326", "http://www.mozilla.org/security/announce/2010/mfsa2010-80.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=590771", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://www.zerodayinitiative.com/advisories/ZDI-10-264/", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3766", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12649", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12649"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3766"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12649", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12649"}], "modified": "2017-09-18T21:31:32", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3766", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3766", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "https://bugzilla.mozilla.org/show_bug.cgi?id=609437", "http://www.mozilla.org/security/announce/2010/mfsa2010-76.html", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.debian.org/security/2010/dsa-2132", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://www.securityfocus.com/bid/45346", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3771", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12343", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12343"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3771"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12343", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12343"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3771", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3771", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://support.avaya.com/css/P8/documents/100124650", "http://www.mozilla.org/security/announce/2010/mfsa2010-83.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=602780", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.securitytracker.com/id?1024850", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remote attackers to spoof the location bar via a crafted web site.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3774", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 4.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12512", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12512"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3774"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12512", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12512"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3774", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3774", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html", "http://www.securitytracker.com/id?1024846", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.redhat.com/support/errata/RHSA-2010-0969.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=599607", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html", "http://support.avaya.com/css/P8/documents/100124650", "http://www.ubuntu.com/usn/USN-1020-1", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:258", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-74.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://www.securityfocus.com/bid/45348", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3777", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12468", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12468"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3777"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12468", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12468"}], "modified": "2017-09-18T21:31:34", "cpe": ["cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:3.6.1", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:firefox:3.6.6"], "id": "CVE-2010-3777", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3777", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securityfocus.com/bid/45354", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.debian.org/security/2010/dsa-2132", "http://www.mozilla.org/security/announce/2010/mfsa2010-82.html", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "https://bugzilla.mozilla.org/show_bug.cgi?id=554449", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0179.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3773", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11960", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11960"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3773"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11960", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11960"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3773", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3773", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "https://bugzilla.mozilla.org/show_bug.cgi?id=527276", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html", "http://www.securitytracker.com/id?1024846", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.redhat.com/support/errata/RHSA-2010-0969.html", "http://www.securityfocus.com/bid/45352", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html", "https://bugzilla.redhat.com/show_bug.cgi?id=660420", "http://support.avaya.com/css/P8/documents/100124650", "http://www.ubuntu.com/usn/USN-1020-1", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:258", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251", "http://www.mozilla.org/security/announce/2010/mfsa2010-78.html"], "description": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3768", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12533", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12533"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3768"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12533", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12533"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3768", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3768", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=611897", "http://www.debian.org/security/2010/dsa-2132", "https://bugzilla.mozilla.org/show_bug.cgi?id=589041", "https://bugzilla.mozilla.org/show_bug.cgi?id=610525", "http://www.mozilla.org/security/announce/2010/mfsa2010-79.html", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://www.securityfocus.com/bid/45355", "http://www.redhat.com/support/errata/RHSA-2010-0967.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary local files, and establish network connections via vectors involving a refresh value in the http-equiv attribute of a META element, which causes the wrong security principal to be used.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3775", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11666", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11666"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3775"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11666", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11666"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3775", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3775", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-84.html", "http://www.securitytracker.com/id?1024851", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.debian.org/security/2010/dsa-2132", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.securityfocus.com/bid/45353", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=601429", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allow remote attackers to inject arbitrary web script or HTML via (1) x-mac-arabic, (2) x-mac-farsi, or (3) x-mac-hebrew characters that may be converted to angle brackets during rendering.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3770", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 4.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12348", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12348"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3770"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12348", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12348"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3770", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3770", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "http://www.redhat.com/support/errata/RHSA-2010-0968.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=594547", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.debian.org/security/2010/dsa-2132", "http://www.mozilla.org/security/announce/2010/mfsa2010-77.html", "http://www.securityfocus.com/bid/45351", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://www.redhat.com/support/errata/RHSA-2010-0967.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3772", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12324", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12324"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3772"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12324", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12324"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3772", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3772", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "https://bugzilla.mozilla.org/show_bug.cgi?id=599468", "http://www.redhat.com/support/errata/RHSA-2010-0968.html", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.debian.org/security/2010/dsa-2132", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://www.redhat.com/support/errata/RHSA-2010-0967.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-81.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3767", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12610", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12610"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3767"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12610", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12610"}], "modified": "2017-09-18T21:31:32", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3767", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3767", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:37:04", "references": [], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.6.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome-x86", "packageFilename": "mozilla-xulrunner192-gnome-x86-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.6.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.5.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-translations-common", "packageFilename": "seamonkey-translations-common-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-debuginfo", "packageFilename": "mozilla-xulrunner191-debuginfo-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.6.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.5.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.5.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.5.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.0.1-6.6.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-6.6.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.1.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.0.1-4.5.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-4.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common-32bit", "packageFilename": "mozilla-xulrunner192-translations-common-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.0.1-4.5.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-4.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-translations-other", "packageFilename": "seamonkey-translations-other-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192-32bit", "packageFilename": "mozilla-js192-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other-32bit", "packageFilename": "mozilla-xulrunner192-translations-other-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-debuginfo", "packageFilename": "mozilla-xulrunner191-debuginfo-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.1.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.6.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.6.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-3.5.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192-32bit", "packageFilename": "mozilla-js192-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-debuginfo", "packageFilename": "mozilla-xulrunner191-debuginfo-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.6.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-translations-other", "packageFilename": "seamonkey-translations-other-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.6.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.0.1-3.5.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-3.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations-32bit", "packageFilename": "mozilla-xulrunner192-translations-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-x86", "packageFilename": "mozilla-xulrunner191-gnomevfs-x86-1.9.1.16-0.1.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-3.5.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations-32bit", "packageFilename": "mozilla-xulrunner192-translations-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-3.5.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.0.1-6.6.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-6.6.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-other-32bit", "packageFilename": "mozilla-xulrunner192-translations-other-32bit-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-x86", "packageFilename": "mozilla-xulrunner191-translations-x86-1.9.1.16-0.1.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-x86", "packageFilename": "mozilla-xulrunner192-x86-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common-32bit", "packageFilename": "mozilla-xulrunner192-translations-common-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.1.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.5.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.6.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.5.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.5.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.0.1-3.5.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-3.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-translations-common", "packageFilename": "seamonkey-translations-common-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.5.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations-x86", "packageFilename": "mozilla-xulrunner192-translations-x86-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.5.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-common-32bit", "packageFilename": "mozilla-xulrunner192-translations-common-32bit-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations-32bit", "packageFilename": "mozilla-xulrunner192-translations-32bit-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations-32bit", "packageFilename": "mozilla-xulrunner192-translations-32bit-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-js192-32bit", "packageFilename": "mozilla-js192-32bit-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-debuginfo", "packageFilename": "mozilla-xulrunner191-debuginfo-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.6.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other-32bit", "packageFilename": "mozilla-xulrunner192-translations-other-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.6.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-debuginfo", "packageFilename": "mozilla-xulrunner191-debuginfo-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.6.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-3.5.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.5.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.0.1-6.6.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-6.6.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.6.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.5.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.1.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.5.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}], "description": "Mozilla Firefox was updated to update 3.6.13 to fix several security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "reporter": "Suse", "published": "2011-01-05T11:25:44", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "suse", "title": "remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2011-01-05T11:25:44", "id": "SUSE-SA:2011:003", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:38", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=504021", "https://bugzilla.mozilla.org/show_bug.cgi?id=554449"], "edition": 1, "description": "Mozilla security researcher moz_bug_r_a4 reported\nthat the fix\nfor CVE-2010-0179\ncould be circumvented permitting the execution of arbitrary JavaScript\nwith chrome privileges.", "reporter": "Mozilla Foundation", "published": "2010-12-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "mozilla", "title": "Incomplete fix for CVE-2010-0179", "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "3.6.13", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.0.11", "operator": "lt"}, {"name": "Firefox", "version": "3.5.16", "operator": "lt"}], "cvelist": [], "modified": "2010-12-09T00:00:00", "id": "MFSA2010-82", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2010-82/", "cvss": {"score": 0.0, "vector": "NONE"}}], "zdi": [{"lastseen": "2016-11-09T00:17:57", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-80.html"], "edition": 2, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the application's support of the NodeIterator API used for element traversal. Due to a particular element not implementing functionality required by the API, a use-after free vulnerability can be forced to occur. This can be used to achieve code execution under the context of the application.", "reporter": "regenrecht", "published": "2010-12-09T00:00:00", "title": "Mozilla Firefox nsDOMAttribute MutationObserver Remote Code Execution Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "zdi", "bulletinFamily": "info", "cvelist": ["CVE-2010-3766"], "modified": "2010-11-09T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-10-264", "id": "ZDI-10-264", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-11-09T00:18:00", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-81.html"], "edition": 2, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within Firefox's management of the JSSLOT_ARRAY_COUNT annotation. This value represents the number of items filled within a given Array object. If an attacker creates an array to a high enough value, an initialization routine can be made to mis-allocate a buffer. This can be abused by an attacker to corrupt memory and subsequently execute arbitrary code under the context of the user running the browser.", "reporter": "regenrecht", "published": "2010-12-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "Mozilla Firefox NewIdArray Integer Overflow Remote Code Execution Vulnerability", "type": "zdi", "bulletinFamily": "info", "cvelist": ["CVE-2010-3767"], "modified": "2010-11-09T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-10-265", "id": "ZDI-10-265", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-04T00:36:15", "osvdbidlist": ["69772"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "Mozilla Firefox/Thunderbird/SeaMonkey Multiple HTML Injection Vulnerabilities. CVE-2010-3770. Remote exploit for linux platform", "reporter": "Yosuke Hasegawa", "published": "2010-12-09T00:00:00", "type": "exploitdb", "title": "Mozilla Firefox/Thunderbird/SeaMonkey Multiple HTML Injection Vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2010-3770"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2010-12-09T00:00:00", "id": "EDB-ID:35095", "href": "https://www.exploit-db.com/exploits/35095/", "sourceData": "source: http://www.securityfocus.com/bid/45353/info\r\n\r\nMozilla Firefox, SeaMonkey, and Thunderbird are prone to multiple HTML-injection vulnerabilities.\r\n\r\nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.\r\n\r\nThis issue is fixed in:\r\n\r\nFirefox 3.6.13\r\nFirefox 3.5.16\r\nSeaMonkey 2.0.11\r\n\r\nx-mac-farsi exploit: <meta charset=\"x-mac-farsi\">?script ?alert(1)//?/script ?", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/35095/"}], "seebug": [{"lastseen": "2017-11-19T18:05:43", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "CVE:CVE-2010-3775\r\nBugtraq ID:45355 \r\n\r\nMozilla Firefox and SeaMonkey are prone to a security-bypass vulnerability.\r\n\r\nAttackers can exploit this issue to bypass security restrictions and obtain elevated privileges such as the abilities to read local files, launch processes, and create network connections.\r\n\r\nThis issue is fixed in:\r\n\r\nFirefox 3.6.13\r\nFirefox 3.5.16\r\nSeaMonkey 2.0.11\r\n\r\nNOTE: This issue was previously covered in BID 45322 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-74 -82, 84 Multiple Vulnerabilities), but has been assigned its own record to better document it. \n\nUbuntu Ubuntu Linux 9.10 sparc\r\nUbuntu Ubuntu Linux 9.10 powerpc\r\nUbuntu Ubuntu Linux 9.10 lpia\r\nUbuntu Ubuntu Linux 9.10 i386\r\nUbuntu Ubuntu Linux 9.10 ARM\r\nUbuntu Ubuntu Linux 9.10 amd64\r\nUbuntu Ubuntu Linux 8.04 LTS sparc\r\nUbuntu Ubuntu Linux 8.04 LTS powerpc\r\nUbuntu Ubuntu Linux 8.04 LTS lpia\r\nUbuntu Ubuntu Linux 8.04 LTS i386\r\nUbuntu Ubuntu Linux 8.04 LTS amd64\r\nUbuntu Ubuntu Linux 10.10 powerpc\r\nUbuntu Ubuntu Linux 10.10 i386\r\nUbuntu Ubuntu Linux 10.10 ARM\r\nUbuntu Ubuntu Linux 10.10 amd64\r\nUbuntu Ubuntu Linux 10.04 sparc\r\nUbuntu Ubuntu Linux 10.04 powerpc\r\nUbuntu Ubuntu Linux 10.04 i386\r\nUbuntu Ubuntu Linux 10.04 ARM\r\nUbuntu Ubuntu Linux 10.04 amd64\r\nSuSE SUSE Linux Enterprise Server 11 SP1\r\nSuSE SUSE Linux Enterprise Server 10 SP3\r\nSuSE SUSE Linux Enterprise SDK 11 SP1\r\nSuSE SUSE Linux Enterprise SDK 10 SP3\r\nSuSE SUSE Linux Enterprise Desktop 11 SP1\r\n+ Linux kernel 2.6.5\r\nSuSE SUSE Linux Enterprise Desktop 10 SP3\r\nSuSE openSUSE 11.3\r\nSlackware Linux x86_64 -current\r\nSlackware Linux 13.1 x86_64\r\nSlackware Linux 13.1\r\nSlackware Linux 13.0 x86_64\r\nSlackware Linux 13.0\r\nSlackware Linux -current\r\nS.u.S.E. openSUSE 11.2\r\nS.u.S.E. openSUSE 11.1\r\nRedHat Enterprise Linux WS 4\r\nRedHat Enterprise Linux ES 4\r\nRedHat Enterprise Linux Desktop Workstation 5 client\r\nRedHat Enterprise Linux AS 4\r\nRedHat Enterprise Linux Desktop version 4\r\nRedHat Enterprise Linux 5 server\r\nRed Hat Fedora 14\r\nRed Hat Fedora 13\r\nRed Hat Enterprise Linux Workstation Optional 6\r\nRed Hat Enterprise Linux Workstation 6\r\nRed Hat Enterprise Linux Server Optional 6\r\nRed Hat Enterprise Linux Server 6\r\nRed Hat Enterprise Linux HPC Node Optional 6\r\nRed Hat Enterprise Linux Desktop Optional 6\r\nRed Hat Enterprise Linux Desktop 6\r\nRed Hat Enterprise Linux Desktop 5 client\r\nMozilla SeaMonkey 2.0.9\r\nMozilla SeaMonkey 2.0.8\r\nMozilla SeaMonkey 2.0.5\r\nMozilla SeaMonkey 2.0.4\r\nMozilla SeaMonkey 2.0.3\r\nMozilla SeaMonkey 2.0.2\r\nMozilla SeaMonkey 2.0.1\r\nMozilla SeaMonkey 2.0.9\r\nMozilla SeaMonkey 2.0.7\r\nMozilla SeaMonkey 2.0.6\r\nMozilla SeaMonkey 2.0.5\r\nMozilla SeaMonkey 2.0.4\r\nMozilla SeaMonkey 2.0.10\r\nMozilla SeaMonkey 2.0 Rc2\r\nMozilla SeaMonkey 2.0 Rc1\r\nMozilla SeaMonkey 2.0 Beta 2\r\nMozilla SeaMonkey 2.0 Beta 1\r\nMozilla SeaMonkey 2.0 Alpha 3\r\nMozilla SeaMonkey 2.0 Alpha 2\r\nMozilla SeaMonkey 2.0 Alpha 1\r\nMozilla SeaMonkey 2.0\r\nMozilla Firefox 3.6.10\r\nMozilla Firefox 3.6.9\r\nMozilla Firefox 3.6.8\r\nMozilla Firefox 3.6.6\r\nMozilla Firefox 3.6.4\r\nMozilla Firefox 3.6.3\r\nMozilla Firefox 3.6.2\r\nMozilla Firefox 3.6.2\r\nMozilla Firefox 3.5.17\r\nMozilla Firefox 3.5.14\r\nMozilla Firefox 3.5.13\r\nMozilla Firefox 3.5.10\r\nMozilla Firefox 3.5.10\r\nMozilla Firefox 3.5.9\r\nMozilla Firefox 3.5.9\r\nMozilla Firefox 3.5.8\r\nMozilla Firefox 3.5.7\r\nMozilla Firefox 3.5.6\r\nMozilla Firefox 3.5.5\r\nMozilla Firefox 3.5.4\r\nMozilla Firefox 3.5.3\r\nMozilla Firefox 3.5.2\r\nMozilla Firefox 3.5.1\r\nMozilla Firefox 3.5\r\nMozilla Firefox 3.6.7\r\nMozilla Firefox 3.6.6\r\nMozilla Firefox 3.6.12\r\nMozilla Firefox 3.6.11\r\nMozilla Firefox 3.6 Beta 3\r\nMozilla Firefox 3.6 Beta 2\r\nMozilla Firefox 3.6\r\nMozilla Firefox 3.5.15\r\nMozilla Firefox 3.5.12\r\nMozilla Firefox 3.5.11\r\nMandrakeSoft Linux Mandrake 2010.1 x86_64\r\nMandrakeSoft Linux Mandrake 2010.1\r\nMandrakeSoft Linux Mandrake 2010.0 x86_64\r\nMandrakeSoft Linux Mandrake 2010.0\r\nMandrakeSoft Linux Mandrake 2009.0 x86_64\r\nMandrakeSoft Linux Mandrake 2009.0\r\nMandrakeSoft Enterprise Server 5 x86_64\r\nMandrakeSoft Enterprise Server 5\r\nAvaya Messaging Storage Server MSS 5.1\r\nAvaya Messaging Storage Server MSS 4.1\r\nAvaya Messaging Storage Server 5.2.8\r\nAvaya Messaging Storage Server 5.2.2\r\nAvaya Messaging Storage Server 5.2 SP3\r\nAvaya Messaging Storage Server 5.2 SP2\r\nAvaya Messaging Storage Server 5.2 SP1\r\nAvaya Messaging Storage Server 5.2\r\nAvaya Messaging Storage Server 5.1 SP2\r\nAvaya Messaging Storage Server 5.1 SP1\r\nAvaya Messaging Storage Server 5.1\r\nAvaya Messaging Storage Server 5.0\r\nAvaya Messaging Storage Server 4.0\r\nAvaya Message Networking 5.2.1\r\nAvaya Message Networking MN 3.1\r\nAvaya Message Networking 5.2.2\r\nAvaya Message Networking 5.2 SP1\r\nAvaya Message Networking 5.2\r\nAvaya Message Networking 3.1\r\nAvaya IQ 4.1\r\nAvaya IQ 5.1\r\nAvaya IQ 5\r\nAvaya IQ 4.2\r\nAvaya IQ 4.0\r\nAvaya Intuity AUDIX LX 2.0 SP2\r\nAvaya Intuity AUDIX LX 2.0 SP1\r\nAvaya Intuity AUDIX LX 2.0\r\nAvaya Communication Server 1000M Signaling Server 7.5\r\nAvaya Communication Server 1000M Signaling Server 7.0\r\nAvaya Communication Server 1000M 7.5\r\nAvaya Communication Server 1000M 7.0\r\nAvaya Communication Server 1000E Signaling Server 7.5\r\nAvaya Communication Server 1000E Signaling Server 7.0\r\nAvaya Communication Server 1000E 7.5\r\nAvaya Communication Server 1000E 7.0\r\nAvaya Aura System Manager 6.1.1\r\nAvaya Aura System Manager 6.1\r\nAvaya Aura System Manager 6.0 SP1\r\nAvaya Aura System Manager 6.0\r\nAvaya Aura System Manager 5.2\r\nAvaya Aura Session Manager 6.1.2\r\nAvaya Aura Session Manager 6.1.1\r\nAvaya Aura Session Manager 6.1\r\nAvaya Aura Session Manager 6.0 SP1\r\nAvaya Aura Session Manager 6.0\r\nAvaya Aura Session Manager 5.2 SP2\r\nAvaya Aura Session Manager 5.2 SP1\r\nAvaya Aura Session Manager 5.2\r\nAvaya Aura Session Manager 1.1\r\nAvaya Aura Presence Services 6.1\r\nAvaya Aura Presence Services 6.0\nhttp://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser -3.0-branding_3.6.13+build3+nobinonly-0ubuntu0.9.10.1_all.deb\r\nhttp://www.securityfocus.com/bid/45355/solution", "reporter": "Root", "published": "2011-08-01T00:00:00", "title": "Mozilla Firefox and SeaMonkey Java LiveConnect Script Security Bypass Vulnerability", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2010-3775"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2011-08-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20801", "id": "SSV:20801", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "", "status": "details"}]}