{"id": "SL_20101209_FIREFOX_ON_SL4_X.NASL", "bulletinFamily": "scanner", "title": "Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64", "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "published": "2012-08-01T00:00:00", "modified": "2012-08-01T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=60916", "reporter": "Tenable", "references": ["http://www.nessus.org/u?a561cb11"], "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "type": "nessus", "lastseen": "2018-09-02T00:03:08", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "edition": 1, "enchantments": {}, "hash": "06ef87f03bf2a6e54cf8956e157f008abd799a324e5284db34d77b96b5a747c4", "hashmap": [{"hash": "7997d5ae47791c98fcd44a09734fbf43", "key": "cvelist"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9a54a33bda21279ea4f263e567096ba1", "key": "pluginID"}, {"hash": "bed951b2eaa5deb802dc7e1cc614159c", "key": "references"}, {"hash": "98598a687aecf3bc6e9c0ef2ecc068e0", "key": "href"}, {"hash": "5bf5ea4544d81c99ebe7280b545a1922", "key": "description"}, {"hash": "2d34aaeb963144a6faaca1b3c9fb6057", "key": "title"}, {"hash": "b3a4d461a1383c8ba9fa401b58d29827", "key": "naslFamily"}, {"hash": "9cbf9c75bb6eac86839a4a4adcf2fe46", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "published"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=60916", "id": "SL_20101209_FIREFOX_ON_SL4_X.NASL", "lastseen": "2016-09-26T17:26:03", "modified": "2012-08-01T00:00:00", "naslFamily": "Scientific Linux Local Security Checks", "objectVersion": "1.2", "pluginID": "60916", "published": "2012-08-01T00:00:00", "references": ["http://www.nessus.org/u?a561cb11"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60916);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2012/08/01 14:38:55 $\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1012&L=scientific-linux-errata&T=0&P=926\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a561cb11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected firefox, xulrunner and / or xulrunner-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"firefox-3.6.13-3.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"firefox-3.6.13-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-1.9.2.13-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-1.9.2.13-3.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64", "type": "nessus", "viewCount": 1}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:03"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "edition": 2, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "4cc58ae2f62fce18fee2f6e5b6c973d0bbff10f7e4b7d9413dd61822680e8067", "hashmap": [{"hash": "7997d5ae47791c98fcd44a09734fbf43", "key": "cvelist"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "b1e432cd926620a2b9bd9816ef9503c6", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9a54a33bda21279ea4f263e567096ba1", "key": "pluginID"}, {"hash": "bed951b2eaa5deb802dc7e1cc614159c", "key": "references"}, {"hash": "98598a687aecf3bc6e9c0ef2ecc068e0", "key": "href"}, {"hash": "5bf5ea4544d81c99ebe7280b545a1922", "key": "description"}, {"hash": "2d34aaeb963144a6faaca1b3c9fb6057", "key": "title"}, {"hash": "b3a4d461a1383c8ba9fa401b58d29827", "key": "naslFamily"}, {"hash": "9cbf9c75bb6eac86839a4a4adcf2fe46", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "published"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=60916", "id": "SL_20101209_FIREFOX_ON_SL4_X.NASL", "lastseen": "2017-10-29T13:43:24", "modified": "2012-08-01T00:00:00", "naslFamily": "Scientific Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "60916", "published": "2012-08-01T00:00:00", "references": ["http://www.nessus.org/u?a561cb11"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60916);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2012/08/01 14:38:55 $\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1012&L=scientific-linux-errata&T=0&P=926\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a561cb11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected firefox, xulrunner and / or xulrunner-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"firefox-3.6.13-3.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"firefox-3.6.13-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-1.9.2.13-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-1.9.2.13-3.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:43:24"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "edition": 3, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "bcb7669a8bee4069a319d15f8d49358362af71d25109e6f1dcc5b8007bc73b45", "hashmap": [{"hash": "7997d5ae47791c98fcd44a09734fbf43", "key": "cvelist"}, {"hash": "b1e432cd926620a2b9bd9816ef9503c6", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9a54a33bda21279ea4f263e567096ba1", "key": "pluginID"}, {"hash": "bed951b2eaa5deb802dc7e1cc614159c", "key": "references"}, {"hash": "98598a687aecf3bc6e9c0ef2ecc068e0", "key": "href"}, {"hash": "5bf5ea4544d81c99ebe7280b545a1922", "key": "description"}, {"hash": "2d34aaeb963144a6faaca1b3c9fb6057", "key": "title"}, {"hash": "b3a4d461a1383c8ba9fa401b58d29827", "key": "naslFamily"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "9cbf9c75bb6eac86839a4a4adcf2fe46", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "published"}, {"hash": "3ff4afbf9eedf98937c2e5c5cf13456f", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=60916", "id": "SL_20101209_FIREFOX_ON_SL4_X.NASL", "lastseen": "2018-08-30T19:53:23", "modified": "2012-08-01T00:00:00", "naslFamily": "Scientific Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "60916", "published": "2012-08-01T00:00:00", "references": ["http://www.nessus.org/u?a561cb11"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60916);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2012/08/01 14:38:55 $\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1012&L=scientific-linux-errata&T=0&P=926\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a561cb11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected firefox, xulrunner and / or xulrunner-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"firefox-3.6.13-3.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"firefox-3.6.13-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-1.9.2.13-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-1.9.2.13-3.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:53:23"}], "edition": 4, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "b1e432cd926620a2b9bd9816ef9503c6"}, {"key": "cvelist", "hash": "7997d5ae47791c98fcd44a09734fbf43"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "5bf5ea4544d81c99ebe7280b545a1922"}, {"key": "href", "hash": "98598a687aecf3bc6e9c0ef2ecc068e0"}, {"key": "modified", "hash": "3ff4afbf9eedf98937c2e5c5cf13456f"}, {"key": "naslFamily", "hash": "b3a4d461a1383c8ba9fa401b58d29827"}, {"key": "pluginID", "hash": "9a54a33bda21279ea4f263e567096ba1"}, {"key": "published", "hash": "3ff4afbf9eedf98937c2e5c5cf13456f"}, {"key": "references", "hash": "bed951b2eaa5deb802dc7e1cc614159c"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "9cbf9c75bb6eac86839a4a4adcf2fe46"}, {"key": "title", "hash": "2d34aaeb963144a6faaca1b3c9fb6057"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "4cc58ae2f62fce18fee2f6e5b6c973d0bbff10f7e4b7d9413dd61822680e8067", "viewCount": 1, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}, "vulnersScore": 9.3}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60916);\n script_version(\"$Revision: 1.1 $\");\n script_cvs_date(\"$Date: 2012/08/01 14:38:55 $\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n\n script_name(english:\"Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1012&L=scientific-linux-errata&T=0&P=926\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a561cb11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected firefox, xulrunner and / or xulrunner-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"firefox-3.6.13-3.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"firefox-3.6.13-2.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-1.9.2.13-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xulrunner-devel-1.9.2.13-3.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Scientific Linux Local Security Checks", "pluginID": "60916", "cpe": ["x-cpe:/o:fermilab:scientific_linux"]}

{"openvas": [{"lastseen": "2018-01-18T11:05:15", "references": ["2010-18775", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052020.html"], "pluginID": "1361412562310862726", "description": "Check for the Version of gnome-python2-extras", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for gnome-python2-extras FEDORA-2010-18775", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862726", "id": "OPENVAS:1361412562310862726", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2010-18775\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-python2-extras on Fedora 13\";\ntag_insight = \"The gnome-python-extra package contains the source packages for additional\n Python bindings for GNOME. It should be used together with gnome-python.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052020.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862726\");\n script_version(\"$Revision: 8440 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18775\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for gnome-python2-extras FEDORA-2010-18775\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnome-python2-extras\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.25.3~25.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:04:36", "references": ["2010:251-1", "http://lists.mandriva.com/security-announce/2010-12/msg00022.php"], "pluginID": "1361412562310831292", "description": "Check for the Version of firefox", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Mandriva Update for firefox MDVSA-2010:251-1 (firefox)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-01-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831292", "id": "OPENVAS:1361412562310831292", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for firefox MDVSA-2010:251-1 (firefox)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security issues were identified and fixed in firefox:\n\n Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that\n the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are\n vulnerable to XSS attacks due to some characters being converted to\n angle brackets when displayed by the rendering engine. Sites using\n these character encodings would thus be potentially vulnerable to\n script injection attacks if their script filtering code fails to\n strip out these specific characters (CVE-2010-3770).\n \n Google security researcher Michal Zalewski reported that when a\n window was opened to a site resulting in a network or certificate\n error page, the opening site could access the document inside the\n opened window and inject arbitrary content. An attacker could use\n this bug to spoof the location bar and trick a user into thinking\n they were on a different site than they actually were (CVE-2010-3774).\n \n Mozilla security researcher moz_bug_r_a4 reported that the fix for\n CVE-2010-0179 could be circumvented permitting the execution of\n arbitrary JavaScript with chrome privileges (CVE-2010-3773).\n \n Security researcher regenrecht reported via TippingPoint's Zero\n Day Initiative that JavaScript arrays were vulnerable to an integer\n overflow vulnerability. The report demonstrated that an array could\n be constructed containing a very large number of items such that when\n memory was allocated to store the array items, the integer value used\n to calculate the buffer size would overflow resulting in too small a\n buffer being allocated. Subsequent use of the array object could then\n result in data being written past the end of the buffer and causing\n memory corruption (CVE-2010-3767).\n \n Security researcher regenrecht reported via TippingPoint's Zero Day\n Initiative that a nsDOMAttribute node can be modified without informing\n the iterator object responsible for various DOM traversals. This\n flaw could lead to a inconsistent state where the iterator points\n to an object it believes is part of the DOM but actually points to\n some other object. If such an object had been deleted and its memory\n reclaimed by the system, then the iterator could be used to call into\n attacker-controlled memory (CVE-2010-3766).\n \n Security researcher Gregory Fleischer reported that when a Java\n LiveConnect script was loaded via a data: URL which redirects via a\n meta refresh, then the resulting plugin object was created with the\n wrong security principal and thus received elevated privileges such\n as the abilities to read l ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-12/msg00022.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831292\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:251-1\");\n script_cve_id(\"CVE-2010-3770\", \"CVE-2010-3774\", \"CVE-2010-0179\", \"CVE-2010-3773\", \"CVE-2010-3767\", \"CVE-2010-3766\", \"CVE-2010-3775\", \"CVE-2010-3768\", \"CVE-2010-3772\", \"CVE-2010-3771\", \"CVE-2010-3769\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Mandriva Update for firefox MDVSA-2010:251-1 (firefox)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~20.20mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~20.20mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~20.20mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~20.20mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~20.20mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~20.20mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~20.20mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~20.20mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.804~6.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-foxmarks\", rpm:\"firefox-ext-foxmarks~2.7.2~2.4mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~1.0~6.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-plasmanotify\", rpm:\"firefox-ext-plasmanotify~0.3.1~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-r-kiosk\", rpm:\"firefox-ext-r-kiosk~0.7.2~9.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.5.1~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-xmarks\", rpm:\"firefox-ext-xmarks~3.5.10~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-theme-kfirefox\", rpm:\"firefox-theme-kfirefox~0.16~7.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.25.3~10.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.25.3~10.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.25.3~10.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.25.3~10.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.25.3~10.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.25.3~10.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.25.3~10.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-common\", rpm:\"google-gadgets-common~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-gtk\", rpm:\"google-gadgets-gtk~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-qt\", rpm:\"google-gadgets-qt~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget1.0_0\", rpm:\"libggadget1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-dbus1.0_0\", rpm:\"libggadget-dbus1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-gtk1.0_0\", rpm:\"libggadget-gtk1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-js1.0_0\", rpm:\"libggadget-js1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-npapi1.0_0\", rpm:\"libggadget-npapi1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-qt1.0_0\", rpm:\"libggadget-qt1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-webkitjs0\", rpm:\"libggadget-webkitjs0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-xdg1.0_0\", rpm:\"libggadget-xdg1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgoogle-gadgets-devel\", rpm:\"libgoogle-gadgets-devel~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.9~1.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopensc-devel\", rpm:\"libopensc-devel~0.11.9~1.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-plugin-opensc\", rpm:\"mozilla-plugin-opensc~0.11.9~1.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~20.20mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.9~1.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem\", rpm:\"totem~2.28.5~1.12mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla\", rpm:\"totem-mozilla~2.28.5~1.12mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-nautilus\", rpm:\"totem-nautilus~2.28.5~1.12mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.28.0~1.17mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets\", rpm:\"google-gadgets~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget1.0_0\", rpm:\"lib64ggadget1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-dbus1.0_0\", rpm:\"lib64ggadget-dbus1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-gtk1.0_0\", rpm:\"lib64ggadget-gtk1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-js1.0_0\", rpm:\"lib64ggadget-js1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-npapi1.0_0\", rpm:\"lib64ggadget-npapi1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-qt1.0_0\", rpm:\"lib64ggadget-qt1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-webkitjs0\", rpm:\"lib64ggadget-webkitjs0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-xdg1.0_0\", rpm:\"lib64ggadget-xdg1.0_0~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64google-gadgets-devel\", rpm:\"lib64google-gadgets-devel~0.11.2~0.10mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opensc2\", rpm:\"lib64opensc2~0.11.9~1.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opensc-devel\", rpm:\"lib64opensc-devel~0.11.9~1.15mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:05:20", "references": ["2010-18773", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052030.html"], "pluginID": "1361412562310862731", "description": "Check for the Version of perl-Gtk2-MozEmbed", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18773", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862731", "id": "OPENVAS:1361412562310862731", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18773\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"perl-Gtk2-MozEmbed on Fedora 14\";\ntag_insight = \"This module allows you to use the Mozilla embedding widget from Perl.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052030.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862731\");\n script_version(\"$Revision: 8440 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18773\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for perl-Gtk2-MozEmbed FEDORA-2010-18773\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of perl-Gtk2-MozEmbed\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-Gtk2-MozEmbed\", rpm:\"perl-Gtk2-MozEmbed~0.08~6.fc14.22\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-08T11:43:55", "references": ["2010-18775", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052024.html"], "pluginID": "862734", "description": "Check for the Version of gnome-web-photo", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for gnome-web-photo FEDORA-2010-18775", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2017-12-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862734", "id": "OPENVAS:862734", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-web-photo FEDORA-2010-18775\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-web-photo on Fedora 13\";\ntag_insight = \"gnome-web-photo contains a thumbnailer that will be used by GNOME applications,\n including the file manager, to generate screenshots of web pages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052024.html\");\n script_id(862734);\n script_version(\"$Revision: 8032 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-07 15:40:57 +0100 (Thu, 07 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18775\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for gnome-web-photo FEDORA-2010-18775\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnome-web-photo\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-web-photo\", rpm:\"gnome-web-photo~0.9~15.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:56", "references": ["2010:251", "http://lists.mandriva.com/security-announce/2010-12/msg00011.php"], "pluginID": "831278", "description": "Check for the Version of firefox", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "title": "Mandriva Update for firefox MDVSA-2010:251 (firefox)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2017-12-13T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=831278", "id": "OPENVAS:831278", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for firefox MDVSA-2010:251 (firefox)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security issues were identified and fixed in firefox:\n\n Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that\n the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are\n vulnerable to XSS attacks due to some characters being converted to\n angle brackets when displayed by the rendering engine. Sites using\n these character encodings would thus be potentially vulnerable to\n script injection attacks if their script filtering code fails to\n strip out these specific characters (CVE-2010-3770).\n \n Google security researcher Michal Zalewski reported that when a\n window was opened to a site resulting in a network or certificate\n error page, the opening site could access the document inside the\n opened window and inject arbitrary content. An attacker could use\n this bug to spoof the location bar and trick a user into thinking\n they were on a different site than they actually were (CVE-2010-3774).\n \n Mozilla security researcher moz_bug_r_a4 reported that the fix for\n CVE-2010-0179 could be circumvented permitting the execution of\n arbitrary JavaScript with chrome privileges (CVE-2010-3773).\n \n Security researcher regenrecht reported via TippingPoint's Zero\n Day Initiative that JavaScript arrays were vulnerable to an integer\n overflow vulnerability. The report demonstrated that an array could\n be constructed containing a very large number of items such that when\n memory was allocated to store the array items, the integer value used\n to calculate the buffer size would overflow resulting in too small a\n buffer being allocated. Subsequent use of the array object could then\n result in data being written past the end of the buffer and causing\n memory corruption (CVE-2010-3767).\n \n Security researcher regenrecht reported via TippingPoint's Zero Day\n Initiative that a nsDOMAttribute node can be modified without informing\n the iterator object responsible for various DOM traversals. This\n flaw could lead to a inconsistent state where the iterator points\n to an object it believes is part of the DOM but actually points to\n some other object. If such an object had been deleted and its memory\n reclaimed by the system, then the iterator could be used to call into\n attacker-controlled memory (CVE-2010-3766).\n \n Security researcher Gregory Fleischer reported that when a Java\n LiveConnect script was loaded via a data: URL which ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-12/msg00011.php\");\n script_id(831278);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2010:251\");\n script_cve_id(\"CVE-2010-3770\", \"CVE-2010-3774\", \"CVE-2010-0179\", \"CVE-2010-3773\", \"CVE-2010-3767\", \"CVE-2010-3766\", \"CVE-2010-3775\", \"CVE-2010-3768\", \"CVE-2010-3772\", \"CVE-2010-3771\", \"CVE-2010-3769\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Mandriva Update for firefox MDVSA-2010:251 (firefox)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~20.23mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~20.23mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~20.23mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~20.23mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~20.23mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~20.23mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~20.23mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.13\", rpm:\"libxulrunner1.9.2.13~1.9.2.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.24.0~3.24mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.13\", rpm:\"lib64xulrunner1.9.2.13~1.9.2.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.13~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~40.9mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~40.9mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~40.9mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~40.9mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~40.9mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~40.9mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~40.9mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~40.9mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.804~13.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~1.0.1~2.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-r-kiosk\", rpm:\"firefox-ext-r-kiosk~0.8.1~2.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.5.2~2.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-weave-sync\", rpm:\"firefox-ext-weave-sync~1.1~5.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-xmarks\", rpm:\"firefox-ext-xmarks~3.6.14~2.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gjs\", rpm:\"gjs~0.6~4.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.25.3~18.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.25.3~18.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.25.3~18.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.25.3~18.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.25.3~18.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.25.3~18.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.25.3~18.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgjs0\", rpm:\"libgjs0~0.6~4.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgjs-devel\", rpm:\"libgjs-devel~0.6~4.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.13\", rpm:\"libxulrunner1.9.2.13~1.9.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~40.9mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.30.1~4.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gjs0\", rpm:\"lib64gjs0~0.6~4.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gjs-devel\", rpm:\"lib64gjs-devel~0.6~4.6mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.13\", rpm:\"lib64xulrunner1.9.2.13~1.9.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.13~0.1mdv2010.1\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~20.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~20.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~20.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~20.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~20.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~20.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~20.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~20.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.804~6.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-foxmarks\", rpm:\"firefox-ext-foxmarks~2.7.2~2.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~1.0~6.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-plasmanotify\", rpm:\"firefox-ext-plasmanotify~0.3.1~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-r-kiosk\", rpm:\"firefox-ext-r-kiosk~0.7.2~9.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.5.1~0.8mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-xmarks\", rpm:\"firefox-ext-xmarks~3.5.10~0.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-xmarks\", rpm:\"firefox-ext-xmarks~3.5.10~0.8mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-theme-kfirefox\", rpm:\"firefox-theme-kfirefox~0.16~7.13mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.25.3~10.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.25.3~10.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.25.3~10.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.25.3~10.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.25.3~10.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.25.3~10.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.25.3~10.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-common\", rpm:\"google-gadgets-common~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-gtk\", rpm:\"google-gadgets-gtk~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-qt\", rpm:\"google-gadgets-qt~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget1.0_0\", rpm:\"libggadget1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-dbus1.0_0\", rpm:\"libggadget-dbus1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-gtk1.0_0\", rpm:\"libggadget-gtk1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-js1.0_0\", rpm:\"libggadget-js1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-npapi1.0_0\", rpm:\"libggadget-npapi1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-qt1.0_0\", rpm:\"libggadget-qt1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-webkitjs0\", rpm:\"libggadget-webkitjs0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-xdg1.0_0\", rpm:\"libggadget-xdg1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgoogle-gadgets-devel\", rpm:\"libgoogle-gadgets-devel~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.9~1.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopensc-devel\", rpm:\"libopensc-devel~0.11.9~1.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.13\", rpm:\"libxulrunner1.9.2.13~1.9.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-plugin-opensc\", rpm:\"mozilla-plugin-opensc~0.11.9~1.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~20.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.9~1.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem\", rpm:\"totem~2.28.5~1.11mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla\", rpm:\"totem-mozilla~2.28.5~1.11mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-nautilus\", rpm:\"totem-nautilus~2.28.5~1.11mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.28.0~1.16mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets\", rpm:\"google-gadgets~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget1.0_0\", rpm:\"lib64ggadget1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-dbus1.0_0\", rpm:\"lib64ggadget-dbus1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-gtk1.0_0\", rpm:\"lib64ggadget-gtk1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-js1.0_0\", rpm:\"lib64ggadget-js1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-npapi1.0_0\", rpm:\"lib64ggadget-npapi1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-qt1.0_0\", rpm:\"lib64ggadget-qt1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-webkitjs0\", rpm:\"lib64ggadget-webkitjs0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-xdg1.0_0\", rpm:\"lib64ggadget-xdg1.0_0~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64google-gadgets-devel\", rpm:\"lib64google-gadgets-devel~0.11.2~0.9mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opensc2\", rpm:\"lib64opensc2~0.11.9~1.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opensc-devel\", rpm:\"lib64opensc-devel~0.11.9~1.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.13\", rpm:\"lib64xulrunner1.9.2.13~1.9.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.13~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~13.31mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.8~13.31mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.8~13.31mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~13.31mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~13.31mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~13.31mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.8~13.31mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.8~13.31mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.21~3.21mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.21~3.21mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.24.3~0.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.24.3~0.10mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.8~13.31mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.804~0.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~1.0~0.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.5.1~0.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-xmarks\", rpm:\"firefox-ext-xmarks~3.5.10~0.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-theme-kfirefox\", rpm:\"firefox-theme-kfirefox~0.16~0.9mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~20.23mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~20.23mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~20.23mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~20.23mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~20.23mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~20.23mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~20.23mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.21~3.21mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1-devel\", rpm:\"libdevhelp-1-devel~0.21~3.21mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.13\", rpm:\"libxulrunner1.9.2.13~1.9.2.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.8~13.31mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.24.0~3.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.21~3.21mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1-devel\", rpm:\"lib64devhelp-1-devel~0.21~3.21mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.13\", rpm:\"lib64xulrunner1.9.2.13~1.9.2.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.13~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:32:28", "references": ["2010-18775", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html"], "pluginID": "862729", "description": "Check for the Version of galeon", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for galeon FEDORA-2010-18775", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2017-12-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862729", "id": "OPENVAS:862729", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for galeon FEDORA-2010-18775\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"galeon on Fedora 13\";\ntag_insight = \"Galeon is a web browser built around Gecko (Mozilla's rendering\n engine) and Necko (Mozilla's networking engine). It's a GNOME web\n browser, designed to take advantage of as many GNOME technologies as\n makes sense. Galeon was written to do just one thing - browse the web.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html\");\n script_id(862729);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18775\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for galeon FEDORA-2010-18775\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of galeon\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.7~36.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:51", "references": ["2010:0966", "http://lists.centos.org/pipermail/centos-announce/2011-January/017227.html"], "pluginID": "880467", "description": "Check for the Version of firefox", "edition": 2, "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "published": "2011-01-31T00:00:00", "title": "CentOS Update for firefox CESA-2010:0966 centos4 i386", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880467", "id": "OPENVAS:880467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2010:0966 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776,\n CVE-2010-3777)\n \n A flaw was found in the way Firefox handled malformed JavaScript. A website\n with an object containing malicious JavaScript could cause Firefox to\n execute that JavaScript with the privileges of the user running Firefox.\n (CVE-2010-3771)\n \n This update adds support for the Sanitiser for OpenType (OTS) library to\n Firefox. This library helps prevent potential exploits in malformed\n OpenType fonts by verifying the font file prior to use. (CVE-2010-3768)\n \n A flaw was found in the way Firefox loaded Java LiveConnect scripts.\n Malicious web content could load a Java LiveConnect script in a way that\n would result in the plug-in object having elevated privileges, allowing it\n to execute Java code with the privileges of the user running Firefox.\n (CVE-2010-3775)\n \n It was found that the fix for CVE-2010-0179 was incomplete when the Firebug\n add-on was used. If a user visited a website containing malicious\n JavaScript while the Firebug add-on was enabled, it could cause Firefox to\n execute arbitrary JavaScript with the privileges of the user running\n Firefox. (CVE-2010-3773)\n \n A flaw was found in the way Firefox presented the location bar to users. A\n malicious website could trick a user into thinking they are visiting the\n site reported by the location bar, when the page is actually content\n controlled by an attacker. (CVE-2010-3774)\n \n A cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic,\n x-mac-farsi, and x-mac-hebrew character encodings. Certain characters were\n converted to angle brackets when displayed. If server-side script filtering\n missed these cases, it could result in Firefox executing JavaScript code\n with the permissions of a different website. (CVE-2010-3770)\n \n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 3.6.13. You can find a link to the Mozilla\n advisories in the References section of this erratum.\n \n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 3.6.13, which corrects these issues. After installing the\n update, Firefox must be restarted for the changes to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017227.html\");\n script_id(880467);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0966\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-0179\");\n script_name(\"CentOS Update for firefox CESA-2010:0966 centos4 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.13~3.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-26T11:06:06", "references": ["2010-18773", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052035.html"], "pluginID": "1361412562310862727", "description": "Check for the Version of xulrunner", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for xulrunner FEDORA-2010-18773", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-01-25T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862727", "id": "OPENVAS:1361412562310862727", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2010-18773\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xulrunner on Fedora 14\";\ntag_insight = \"XULRunner provides the XUL Runtime environment for Gecko applications.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052035.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862727\");\n script_version(\"$Revision: 8528 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 08:57:36 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18773\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for xulrunner FEDORA-2010-18773\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xulrunner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.13~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:04:38", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052021.html", "2010-18775"], "pluginID": "1361412562310862723", "description": "Check for the Version of xulrunner", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for xulrunner FEDORA-2010-18775", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-01-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862723", "id": "OPENVAS:1361412562310862723", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2010-18775\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xulrunner on Fedora 13\";\ntag_insight = \"XULRunner provides the XUL Runtime environment for Gecko applications.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052021.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862723\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18775\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for xulrunner FEDORA-2010-18775\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xulrunner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.13~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-23T13:05:45", "references": ["2010-18773", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052029.html"], "pluginID": "1361412562310862724", "description": "Check for the Version of firefox", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-12-28T00:00:00", "title": "Fedora Update for firefox FEDORA-2010-18773", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-01-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862724", "id": "OPENVAS:1361412562310862724", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2010-18773\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 14\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052029.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862724\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18773\");\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-0179\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_name(\"Fedora Update for firefox FEDORA-2010-18773\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.13~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-06-12T21:10:15", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.6.13-3.el4", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-3.6.13-3.el4.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.6.13-3.el4", "arch": "src", "packageName": "firefox", "packageFilename": "firefox-3.6.13-3.el4.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.6.13-3.el4", "arch": "ia64", "packageName": "firefox", "packageFilename": "firefox-3.6.13-3.el4.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.6.13-3.el4", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-3.6.13-3.el4.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.6.13-3.el4", "arch": "ppc", "packageName": "firefox", "packageFilename": "firefox-3.6.13-3.el4.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.6.13-3.el4", "arch": "s390x", "packageName": "firefox", "packageFilename": "firefox-3.6.13-3.el4.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.6.13-3.el4", "arch": "s390", "packageName": "firefox", "packageFilename": "firefox-3.6.13-3.el4.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.6.13-2.el5", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "i386", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.6.13-2.el5", "arch": "src", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el5.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "src", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el5.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.6.13-2.el5", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "x86_64", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.6.13-2.el5", "arch": "ppc", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "ppc", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "ppc", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "ppc64", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "ppc64", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.6.13-2.el5", "arch": "s390", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.6.13-2.el5", "arch": "s390x", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "s390", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "s390", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "s390x", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "s390x", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "i386", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el5.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "x86_64", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.6.13-2.el5", "arch": "ia64", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "ia64", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.2.13-3.el5", "arch": "ia64", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el5.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.6.13-2.el6_0", "arch": "i686", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-3.6.13-2.el6_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "i686", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-1.9.2.13-3.el6_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.6.13-2.el6_0", "arch": "src", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el6_0.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "src", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el6_0.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.6.13-2.el6_0", "arch": "x86_64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-3.6.13-2.el6_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "x86_64", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-1.9.2.13-3.el6_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "i686", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el6_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "x86_64", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el6_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.6.13-2.el6_0", "arch": "i686", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el6_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "i686", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el6_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.6.13-2.el6_0", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el6_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "x86_64", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el6_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.6.13-2.el6_0", "arch": "ppc64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-3.6.13-2.el6_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "ppc", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-1.9.2.13-3.el6_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "ppc64", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-1.9.2.13-3.el6_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "ppc", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el6_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "ppc64", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el6_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.6.13-2.el6_0", "arch": "ppc64", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el6_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "ppc", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el6_0.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "ppc64", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el6_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.6.13-2.el6_0", "arch": "s390x", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-3.6.13-2.el6_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "s390", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-1.9.2.13-3.el6_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "s390x", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-1.9.2.13-3.el6_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "s390", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el6_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "s390x", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-1.9.2.13-3.el6_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.6.13-2.el6_0", "arch": "s390x", "packageName": "firefox", "packageFilename": "firefox-3.6.13-2.el6_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "s390", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el6_0.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "1.9.2.13-3.el6_0", "arch": "s390x", "packageName": "xulrunner", "packageFilename": "xulrunner-1.9.2.13-3.el6_0.s390x.rpm", "operator": "lt"}], "description": "Mozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776,\nCVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website\nwith an object containing malicious JavaScript could cause Firefox to\nexecute that JavaScript with the privileges of the user running Firefox.\n(CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to\nFirefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use. (CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that\nwould result in the plug-in object having elevated privileges, allowing it\nto execute Java code with the privileges of the user running Firefox.\n(CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug\nadd-on was used. If a user visited a website containing malicious\nJavaScript while the Firebug add-on was enabled, it could cause Firefox to\nexecute arbitrary JavaScript with the privileges of the user running\nFirefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A\nmalicious website could trick a user into thinking they are visiting the\nsite reported by the location bar, when the page is actually content\ncontrolled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic,\nx-mac-farsi, and x-mac-hebrew character encodings. Certain characters were\nconverted to angle brackets when displayed. If server-side script filtering\nmissed these cases, it could result in Firefox executing JavaScript code\nwith the permissions of a different website. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.6.13. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.6.13, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n", "reporter": "RedHat", "published": "2010-12-09T05:00:00", "type": "redhat", "title": "(RHSA-2010:0966) Critical: firefox security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0179", "CVE-2010-3766", "CVE-2010-3767", "CVE-2010-3768", "CVE-2010-3770", "CVE-2010-3771", "CVE-2010-3772", "CVE-2010-3773", "CVE-2010-3774", "CVE-2010-3775", "CVE-2010-3776", "CVE-2010-3777"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:12", "id": "RHSA-2010:0966", "href": "https://access.redhat.com/errata/RHSA-2010:0966", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:19:31", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "i386", "packageFilename": "seamonkey-1.0.9-66.el4_8.i386.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "i386", "packageFilename": "seamonkey-chat-1.0.9-66.el4_8.i386.rpm", "packageName": "seamonkey-chat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "i386", "packageFilename": "seamonkey-devel-1.0.9-66.el4_8.i386.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "i386", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.el4_8.i386.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "i386", "packageFilename": "seamonkey-js-debugger-1.0.9-66.el4_8.i386.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "i386", "packageFilename": "seamonkey-mail-1.0.9-66.el4_8.i386.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "src", "packageFilename": "seamonkey-1.0.9-66.el4_8.src.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ia64", "packageFilename": "seamonkey-1.0.9-66.el4_8.ia64.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ia64", "packageFilename": "seamonkey-chat-1.0.9-66.el4_8.ia64.rpm", "packageName": "seamonkey-chat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ia64", "packageFilename": "seamonkey-devel-1.0.9-66.el4_8.ia64.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ia64", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.el4_8.ia64.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ia64", "packageFilename": "seamonkey-js-debugger-1.0.9-66.el4_8.ia64.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ia64", "packageFilename": "seamonkey-mail-1.0.9-66.el4_8.ia64.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-1.0.9-66.el4_8.x86_64.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-chat-1.0.9-66.el4_8.x86_64.rpm", "packageName": "seamonkey-chat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-devel-1.0.9-66.el4_8.x86_64.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.el4_8.x86_64.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-js-debugger-1.0.9-66.el4_8.x86_64.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-mail-1.0.9-66.el4_8.x86_64.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ppc", "packageFilename": "seamonkey-1.0.9-66.el4_8.ppc.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ppc", "packageFilename": "seamonkey-chat-1.0.9-66.el4_8.ppc.rpm", "packageName": "seamonkey-chat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ppc", "packageFilename": "seamonkey-devel-1.0.9-66.el4_8.ppc.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ppc", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.el4_8.ppc.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ppc", "packageFilename": "seamonkey-js-debugger-1.0.9-66.el4_8.ppc.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "ppc", "packageFilename": "seamonkey-mail-1.0.9-66.el4_8.ppc.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390", "packageFilename": "seamonkey-1.0.9-66.el4_8.s390.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390", "packageFilename": "seamonkey-chat-1.0.9-66.el4_8.s390.rpm", "packageName": "seamonkey-chat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390", "packageFilename": "seamonkey-devel-1.0.9-66.el4_8.s390.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.el4_8.s390.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390", "packageFilename": "seamonkey-js-debugger-1.0.9-66.el4_8.s390.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390", "packageFilename": "seamonkey-mail-1.0.9-66.el4_8.s390.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390x", "packageFilename": "seamonkey-1.0.9-66.el4_8.s390x.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390x", "packageFilename": "seamonkey-chat-1.0.9-66.el4_8.s390x.rpm", "packageName": "seamonkey-chat", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390x", "packageFilename": "seamonkey-devel-1.0.9-66.el4_8.s390x.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390x", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.el4_8.s390x.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390x", "packageFilename": "seamonkey-js-debugger-1.0.9-66.el4_8.s390x.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.0.9-66.el4_8", "arch": "s390x", "packageFilename": "seamonkey-mail-1.0.9-66.el4_8.s390x.rpm", "packageName": "seamonkey-mail", "operator": "lt"}], "description": "SeaMonkey is an open source web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nSeaMonkey. (CVE-2010-3767, CVE-2010-3772, CVE-2010-3776)\n\nA flaw was found in the way SeaMonkey loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that\nwould result in the plug-in object having elevated privileges, allowing it\nto execute Java code with the privileges of the user running SeaMonkey.\n(CVE-2010-3775)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.\n", "reporter": "RedHat", "published": "2010-12-09T05:00:00", "type": "redhat", "title": "(RHSA-2010:0967) Critical: seamonkey security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3767", "CVE-2010-3772", "CVE-2010-3775", "CVE-2010-3776"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:51:20", "id": "RHSA-2010:0967", "href": "https://access.redhat.com/errata/RHSA-2010:0967", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-06-12T21:10:09", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.1.7-3.el6_0", "arch": "i686", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-3.1.7-3.el6_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.1.7-3.el6_0", "arch": "src", "packageName": "thunderbird", "packageFilename": "thunderbird-3.1.7-3.el6_0.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.1.7-3.el6_0", "arch": "x86_64", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-3.1.7-3.el6_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.1.7-3.el6_0", "arch": "i686", "packageName": "thunderbird", "packageFilename": "thunderbird-3.1.7-3.el6_0.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.1.7-3.el6_0", "arch": "x86_64", "packageName": "thunderbird", "packageFilename": "thunderbird-3.1.7-3.el6_0.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.1.7-3.el6_0", "arch": "ppc64", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-3.1.7-3.el6_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.1.7-3.el6_0", "arch": "ppc64", "packageName": "thunderbird", "packageFilename": "thunderbird-3.1.7-3.el6_0.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.1.7-3.el6_0", "arch": "s390x", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-3.1.7-3.el6_0.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.1.7-3.el6_0", "arch": "s390x", "packageName": "thunderbird", "packageFilename": "thunderbird-3.1.7-3.el6_0.s390x.rpm", "operator": "lt"}], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content.\nMalicious HTML content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running Thunderbird.\n(CVE-2010-3776, CVE-2010-3777)\n\nNote: JavaScript support is disabled in Thunderbird for mail messages. The\nabove issues are believed to not be exploitable without JavaScript.\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to\nThunderbird. This library helps prevent potential exploits in malformed OpenType\nfonts by verifying the font file prior to use. (CVE-2010-3768)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n", "reporter": "RedHat", "published": "2010-12-09T05:00:00", "type": "redhat", "title": "(RHSA-2010:0969) Moderate: thunderbird security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3777"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:12", "id": "RHSA-2010:0969", "href": "https://access.redhat.com/errata/RHSA-2010:0969", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:20:20", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.src.rpm", "arch": "src", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.s390.rpm", "arch": "s390", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.0.0.24-13.el5_5", "packageName": "thunderbird", "packageFilename": "thunderbird-2.0.0.24-13.el5_5.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.0.0.24-13.el5_5", "packageName": "thunderbird", "packageFilename": "thunderbird-2.0.0.24-13.el5_5.src.rpm", "arch": "src", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.0.0.24-13.el5_5", "packageName": "thunderbird", "packageFilename": "thunderbird-2.0.0.24-13.el5_5.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content. HTML\ncontaining malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2010-3767, CVE-2010-3772, CVE-2010-3776)\n\nNote: JavaScript support is disabled by default in Thunderbird. The above\nissues are not exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n", "reporter": "RedHat", "published": "2010-12-09T05:00:00", "type": "redhat", "title": "(RHSA-2010:0968) Moderate: thunderbird security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3767", "CVE-2010-3772", "CVE-2010-3776"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:54:12", "id": "RHSA-2010:0968", "href": "https://access.redhat.com/errata/RHSA-2010:0968", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:19:43", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.19-1.el4", "arch": "i386", "packageFilename": "firefox-3.0.19-1.el4.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.19-1.el4", "arch": "src", "packageFilename": "firefox-3.0.19-1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.19-1.el4", "arch": "ia64", "packageFilename": "firefox-3.0.19-1.el4.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.19-1.el4", "arch": "x86_64", "packageFilename": "firefox-3.0.19-1.el4.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.19-1.el4", "arch": "ppc", "packageFilename": "firefox-3.0.19-1.el4.ppc.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.19-1.el4", "arch": "s390", "packageFilename": "firefox-3.0.19-1.el4.s390.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.0.19-1.el4", "arch": "s390x", "packageFilename": "firefox-3.0.19-1.el4.s390x.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.19-1.el5_5", "arch": "i386", "packageFilename": "firefox-3.0.19-1.el5_5.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "i386", "packageFilename": "xulrunner-1.9.0.19-1.el5_5.i386.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.19-1.el5_5", "arch": "src", "packageFilename": "firefox-3.0.19-1.el5_5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "src", "packageFilename": "xulrunner-1.9.0.19-1.el5_5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "x86_64", "packageFilename": "xulrunner-1.9.0.19-1.el5_5.x86_64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.19-1.el5_5", "arch": "x86_64", "packageFilename": "firefox-3.0.19-1.el5_5.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "ppc64", "packageFilename": "xulrunner-devel-1.9.0.19-1.el5_5.ppc64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "ppc", "packageFilename": "xulrunner-1.9.0.19-1.el5_5.ppc.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "ppc", "packageFilename": "xulrunner-devel-1.9.0.19-1.el5_5.ppc.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "ppc64", "packageFilename": "xulrunner-1.9.0.19-1.el5_5.ppc64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.19-1.el5_5", "arch": "ppc", "packageFilename": "firefox-3.0.19-1.el5_5.ppc.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "ppc", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.el5_5.ppc.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "s390x", "packageFilename": "xulrunner-1.9.0.19-1.el5_5.s390x.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "s390x", "packageFilename": "xulrunner-devel-1.9.0.19-1.el5_5.s390x.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.19-1.el5_5", "arch": "s390", "packageFilename": "firefox-3.0.19-1.el5_5.s390.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "s390", "packageFilename": "xulrunner-1.9.0.19-1.el5_5.s390.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.19-1.el5_5", "arch": "s390x", "packageFilename": "firefox-3.0.19-1.el5_5.s390x.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "s390x", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.el5_5.s390x.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "s390", "packageFilename": "xulrunner-devel-1.9.0.19-1.el5_5.s390.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "i386", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.el5_5.i386.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "i386", "packageFilename": "xulrunner-devel-1.9.0.19-1.el5_5.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "x86_64", "packageFilename": "xulrunner-devel-1.9.0.19-1.el5_5.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "x86_64", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.el5_5.x86_64.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.0.19-1.el5_5", "arch": "ia64", "packageFilename": "firefox-3.0.19-1.el5_5.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "ia64", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.el5_5.ia64.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "ia64", "packageFilename": "xulrunner-devel-1.9.0.19-1.el5_5.ia64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.9.0.19-1.el5_5", "arch": "ia64", "packageFilename": "xulrunner-1.9.0.19-1.el5_5.ia64.rpm", "packageName": "xulrunner", "operator": "lt"}], "description": "Mozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral use-after-free flaws were found in Firefox. Visiting a web page\ncontaining malicious content could result in Firefox executing arbitrary\ncode with the privileges of the user running Firefox. (CVE-2010-0175,\nCVE-2010-0176, CVE-2010-0177)\n\nA flaw was found in Firefox that could allow an applet to generate a drag\nand drop action from a mouse click. Such an action could be used to execute\narbitrary JavaScript with the privileges of the user running Firefox.\n(CVE-2010-0178)\n\nA privilege escalation flaw was found in Firefox when the Firebug add-on is\nin use. The XMLHttpRequestSpy module in the Firebug add-on exposes a Chrome\nprivilege escalation flaw that could be used to execute arbitrary\nJavaScript with the privileges of the user running Firefox. (CVE-2010-0179)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-0174)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.19. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.19, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n", "reporter": "RedHat", "published": "2010-03-30T04:00:00", "type": "redhat", "title": "(RHSA-2010:0332) Critical: firefox security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0176", "CVE-2010-0177", "CVE-2010-0178", "CVE-2010-0179"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:07:11", "id": "RHSA-2010:0332", "href": "https://access.redhat.com/errata/RHSA-2010:0332", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:34:46", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=660439", "http://www.nessus.org/u?060ea4c5", "http://www.nessus.org/u?4c81664e", "http://www.nessus.org/u?6e808f0c", "https://bugzilla.redhat.com/show_bug.cgi?id=660408", "http://www.nessus.org/u?42e7275c", "https://bugzilla.redhat.com/show_bug.cgi?id=660435", "https://bugzilla.redhat.com/show_bug.cgi?id=660420", "https://bugzilla.redhat.com/show_bug.cgi?id=660422", "https://bugzilla.redhat.com/show_bug.cgi?id=660419", "https://bugzilla.redhat.com/show_bug.cgi?id=660438", "https://bugzilla.redhat.com/show_bug.cgi?id=660431", "http://www.nessus.org/u?191cabf8", "http://www.nessus.org/u?9e29b859", "https://bugzilla.redhat.com/show_bug.cgi?id=660417", "https://bugzilla.redhat.com/show_bug.cgi?id=660429", "http://www.nessus.org/u?a918a1e7", "https://bugzilla.redhat.com/show_bug.cgi?id=660415", "http://www.nessus.org/u?488935df"], "pluginID": "51131", "description": "Update to new upstream Firefox version 3.6.13, fixing multiple security issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox36.html#f irefox3.6.13\n\nUpdate also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "reporter": "Tenable", "published": "2010-12-12T00:00:00", "title": "Fedora 13 : firefox-3.6.13-1.fc13 / galeon-2.0.7-36.fc13 / gnome-python2-extras-2.25.3-25.fc13 / etc (2010-18775)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2015-10-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:xulrunner", "p-cpe:/a:fedoraproject:fedora:firefox", "p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed", "cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:gnome-python2-extras", "p-cpe:/a:fedoraproject:fedora:gnome-web-photo", "p-cpe:/a:fedoraproject:fedora:galeon", "p-cpe:/a:fedoraproject:fedora:mozvoikko"], "id": "FEDORA_2010-18775.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51131", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18775.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51131);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2015/10/20 21:38:15 $\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_xref(name:\"FEDORA\", value:\"2010-18775\");\n\n script_name(english:\"Fedora 13 : firefox-3.6.13-1.fc13 / galeon-2.0.7-36.fc13 / gnome-python2-extras-2.25.3-25.fc13 / etc (2010-18775)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream Firefox version 3.6.13, fixing multiple\nsecurity issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox36.html#f\nirefox3.6.13\n\nUpdate also includes all packages depending on gecko-libs rebuilt\nagainst new version of Firefox / XULRunner.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4c81664e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660419\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660420\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660438\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660439\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052019.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9e29b859\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052020.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42e7275c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052021.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a918a1e7\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?191cabf8\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052023.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6e808f0c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052024.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?060ea4c5\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052025.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?488935df\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:galeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-python2-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-web-photo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mozvoikko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"firefox-3.6.13-1.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"galeon-2.0.7-36.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"gnome-python2-extras-2.25.3-25.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"gnome-web-photo-0.9-15.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"mozvoikko-1.0-17.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"perl-Gtk2-MozEmbed-0.08-6.fc13.20\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"xulrunner-1.9.2.13-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / galeon / gnome-python2-extras / gnome-web-photo / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:06:40", "references": ["https://oss.oracle.com/pipermail/el-errata/2010-December/001763.html", "https://oss.oracle.com/pipermail/el-errata/2010-December/001765.html", "https://oss.oracle.com/pipermail/el-errata/2011-February/001850.html"], "pluginID": "68156", "description": "From Red Hat Security Advisory 2010:0966 :\n\nUpdated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.6.13. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 3.6.13, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "edition": 5, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 5 / 6 : firefox (ELSA-2010-0966)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-07-18T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:xulrunner", "p-cpe:/a:oracle:linux:firefox", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:xulrunner-devel"], "id": "ORACLELINUX_ELSA-2010-0966.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=68156", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0966 and \n# Oracle Linux Security Advisory ELSA-2010-0966 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68156);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:56\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_bugtraq_id(45314, 45322, 45324, 45326, 45352, 45354);\n script_xref(name:\"RHSA\", value:\"2010:0966\");\n\n script_name(english:\"Oracle Linux 4 / 5 / 6 : firefox (ELSA-2010-0966)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0966 :\n\nUpdated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.13. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.13, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-December/001763.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-December/001765.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-February/001850.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"firefox-3.6.13-3.0.1.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"firefox-3.6.13-2.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-1.9.2.13-3.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-devel-1.9.2.13-3.0.1.el5\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"firefox-3.6.13-2.0.1.el6_0\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"xulrunner-1.9.2.13-3.0.1.el6_0\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"xulrunner-devel-1.9.2.13-3.0.1.el6_0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:50:48", "references": ["http://www.nessus.org/u?4c81664e"], "pluginID": "51106", "description": "Security issues were identified and fixed in firefox :\n\nSecurity researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine.\nSites using these character encodings would thus be potentially vulnerable to script injection attacks if their script filtering code fails to strip out these specific characters (CVE-2010-3770).\n\nGoogle security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. An attacker could use this bug to spoof the location bar and trick a user into thinking they were on a different site than they actually were (CVE-2010-3774).\n\nMozilla security researcher moz_bug_r_a4 reported that the fix for CVE-2010-0179 could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges (CVE-2010-3773).\n\nSecurity researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. The report demonstrated that an array could be constructed containing a very large number of items such that when memory was allocated to store the array items, the integer value used to calculate the buffer size would overflow resulting in too small a buffer being allocated. Subsequent use of the array object could then result in data being written past the end of the buffer and causing memory corruption (CVE-2010-3767).\n\nSecurity researcher regenrecht reported via TippingPoint's Zero Day Initiative that a nsDOMAttribute node can be modified without informing the iterator object responsible for various DOM traversals.\nThis flaw could lead to a inconsistent state where the iterator points to an object it believes is part of the DOM but actually points to some other object. If such an object had been deleted and its memory reclaimed by the system, then the iterator could be used to call into attacker-controlled memory (CVE-2010-3766).\n\nSecurity researcher Gregory Fleischer reported that when a Java LiveConnect script was loaded via a data: URL which redirects via a meta refresh, then the resulting plugin object was created with the wrong security principal and thus received elevated privileges such as the abilities to read local files, launch processes, and create network connections (CVE-2010-3775).\n\nMozilla added the OTS font sanitizing library to prevent downloadable fonts from exposing vulnerabilities in the underlying OS font code.\nThis library mitigates against several issues independently reported by Red Hat Security Response Team member Marc Schoenefeld and Mozilla security researcher Christoph Diehl (CVE-2010-3768).\n\nSecurity researcher wushi of team509 reported that when a XUL tree had an HTML \\<div\\> element nested inside a \\<treechildren\\> element then code attempting to display content in the XUL tree would incorrectly treat the \\<div\\> element as a parent node to tree content underneath it resulting in incorrect indexes being calculated for the child content. These incorrect indexes were used in subsequent array operations which resulted in writing data past the end of an allocated buffer. An attacker could use this issue to crash a victim's browser and run arbitrary code on their machine (CVE-2010-3772).\n\nSecurity researcher echo reported that a web page could open a window with an about:blank location and then inject an \\<isindex\\> element into that page which upon submission would redirect to a chrome:\ndocument. The effect of this defect was that the original page would wind up with a reference to a chrome-privileged object, the opened window, which could be leveraged for privilege escalation attacks (CVE-2010-3771).\n\nDirk Heinrich reported that on Windows platforms when document.write() was called with a very long string a buffer overflow was caused in line breaking routines attempting to process the string for display.\nSuch cases triggered an invalid read past the end of an array causing a crash which an attacker could potentially use to run arbitrary code on a victim's computer (CVE-2010-3769).\n\nMozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2010-3776, CVE-2010-3777).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4 90\n\nAdditionally, some packages which require so, have been rebuilt and are being provided as updates.\n\nUpdate :\n\nA mistake was done with the MDVSA-2010:251 and the MDVSA-2010:251-1 advisories where the localization files for firefox software was NOT updated to the 3.6.13 version. The secteam wishes to apologise for the unfortunate mistake and also wishes everyone a great christmas.\n\nRegards // Santa Claus", "edition": 5, "reporter": "Tenable", "published": "2010-12-10T00:00:00", "title": "Mandriva Linux Security Advisory : firefox (MDVSA-2010:251-2)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:firefox-zh_CN", "p-cpe:/a:mandriva:linux:firefox-sv_SE", "p-cpe:/a:mandriva:linux:firefox-sk", "p-cpe:/a:mandriva:linux:firefox-eu", "p-cpe:/a:mandriva:linux:firefox-oc", "p-cpe:/a:mandriva:linux:firefox-de", "p-cpe:/a:mandriva:linux:firefox-id", "p-cpe:/a:mandriva:linux:firefox-sl", "p-cpe:/a:mandriva:linux:firefox-es_ES", "p-cpe:/a:mandriva:linux:firefox-el", "p-cpe:/a:mandriva:linux:firefox-gl", "p-cpe:/a:mandriva:linux:firefox-fi", "p-cpe:/a:mandriva:linux:firefox-be", "p-cpe:/a:mandriva:linux:firefox-af", "p-cpe:/a:mandriva:linux:firefox-ja", "p-cpe:/a:mandriva:linux:firefox-ku", "p-cpe:/a:mandriva:linux:firefox-is", "p-cpe:/a:mandriva:linux:firefox-lv", "p-cpe:/a:mandriva:linux:firefox-pa_IN", "p-cpe:/a:mandriva:linux:firefox-tr", "p-cpe:/a:mandriva:linux:firefox-ga_IE", "p-cpe:/a:mandriva:linux:firefox-nl", "p-cpe:/a:mandriva:linux:firefox-lt", "p-cpe:/a:mandriva:linux:firefox-ro", "p-cpe:/a:mandriva:linux:firefox-it", "p-cpe:/a:mandriva:linux:firefox-fy", "p-cpe:/a:mandriva:linux:firefox-es_AR", "p-cpe:/a:mandriva:linux:firefox-bn", "p-cpe:/a:mandriva:linux:firefox-sq", "p-cpe:/a:mandriva:linux:firefox-ka", "p-cpe:/a:mandriva:linux:firefox-ru", "p-cpe:/a:mandriva:linux:firefox-fr", "p-cpe:/a:mandriva:linux:firefox-zh_TW", "p-cpe:/a:mandriva:linux:firefox-te", "p-cpe:/a:mandriva:linux:firefox-eo", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:firefox-mk", "p-cpe:/a:mandriva:linux:firefox-ca", "p-cpe:/a:mandriva:linux:firefox-bg", "p-cpe:/a:mandriva:linux:firefox-et", "p-cpe:/a:mandriva:linux:firefox-si", "p-cpe:/a:mandriva:linux:firefox-pt_PT", "p-cpe:/a:mandriva:linux:firefox-cy", "p-cpe:/a:mandriva:linux:firefox-ko", "p-cpe:/a:mandriva:linux:firefox-nb_NO", "p-cpe:/a:mandriva:linux:firefox-uk", "p-cpe:/a:mandriva:linux:firefox-kn", "p-cpe:/a:mandriva:linux:firefox-ar", "p-cpe:/a:mandriva:linux:firefox-nn_NO", "p-cpe:/a:mandriva:linux:firefox-pt_BR", "p-cpe:/a:mandriva:linux:firefox-da", "p-cpe:/a:mandriva:linux:firefox-hu", "p-cpe:/a:mandriva:linux:firefox-sr", "p-cpe:/a:mandriva:linux:firefox-pl", "p-cpe:/a:mandriva:linux:firefox-gu_IN", "p-cpe:/a:mandriva:linux:firefox-cs", "p-cpe:/a:mandriva:linux:firefox-hi", "p-cpe:/a:mandriva:linux:firefox-th", "p-cpe:/a:mandriva:linux:firefox-en_GB", "p-cpe:/a:mandriva:linux:firefox-mr", "p-cpe:/a:mandriva:linux:firefox-he"], "id": "MANDRIVA_MDVSA-2010-251.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51106", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:251. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51106);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/19 20:59:17\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3769\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_bugtraq_id(45314, 45322, 45324, 45326, 45345, 45346, 45347, 45348, 45351, 45352, 45353, 45354, 45355);\n script_xref(name:\"MDVSA\", value:\"2010:251-2\");\n\n script_name(english:\"Mandriva Linux Security Advisory : firefox (MDVSA-2010:251-2)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security issues were identified and fixed in firefox :\n\nSecurity researchers Yosuke Hasegawa and Masatoshi Kimura reported\nthat the x-mac-arabic, x-mac-farsi and x-mac-hebrew character\nencodings are vulnerable to XSS attacks due to some characters being\nconverted to angle brackets when displayed by the rendering engine.\nSites using these character encodings would thus be potentially\nvulnerable to script injection attacks if their script filtering code\nfails to strip out these specific characters (CVE-2010-3770).\n\nGoogle security researcher Michal Zalewski reported that when a window\nwas opened to a site resulting in a network or certificate error page,\nthe opening site could access the document inside the opened window\nand inject arbitrary content. An attacker could use this bug to spoof\nthe location bar and trick a user into thinking they were on a\ndifferent site than they actually were (CVE-2010-3774).\n\nMozilla security researcher moz_bug_r_a4 reported that the fix for\nCVE-2010-0179 could be circumvented permitting the execution of\narbitrary JavaScript with chrome privileges (CVE-2010-3773).\n\nSecurity researcher regenrecht reported via TippingPoint's Zero Day\nInitiative that JavaScript arrays were vulnerable to an integer\noverflow vulnerability. The report demonstrated that an array could be\nconstructed containing a very large number of items such that when\nmemory was allocated to store the array items, the integer value used\nto calculate the buffer size would overflow resulting in too small a\nbuffer being allocated. Subsequent use of the array object could then\nresult in data being written past the end of the buffer and causing\nmemory corruption (CVE-2010-3767).\n\nSecurity researcher regenrecht reported via TippingPoint's Zero Day\nInitiative that a nsDOMAttribute node can be modified without\ninforming the iterator object responsible for various DOM traversals.\nThis flaw could lead to a inconsistent state where the iterator points\nto an object it believes is part of the DOM but actually points to\nsome other object. If such an object had been deleted and its memory\nreclaimed by the system, then the iterator could be used to call into\nattacker-controlled memory (CVE-2010-3766).\n\nSecurity researcher Gregory Fleischer reported that when a Java\nLiveConnect script was loaded via a data: URL which redirects via a\nmeta refresh, then the resulting plugin object was created with the\nwrong security principal and thus received elevated privileges such as\nthe abilities to read local files, launch processes, and create\nnetwork connections (CVE-2010-3775).\n\nMozilla added the OTS font sanitizing library to prevent downloadable\nfonts from exposing vulnerabilities in the underlying OS font code.\nThis library mitigates against several issues independently reported\nby Red Hat Security Response Team member Marc Schoenefeld and Mozilla\nsecurity researcher Christoph Diehl (CVE-2010-3768).\n\nSecurity researcher wushi of team509 reported that when a XUL tree had\nan HTML \\<div\\> element nested inside a \\<treechildren\\> element then\ncode attempting to display content in the XUL tree would incorrectly\ntreat the \\<div\\> element as a parent node to tree content underneath\nit resulting in incorrect indexes being calculated for the child\ncontent. These incorrect indexes were used in subsequent array\noperations which resulted in writing data past the end of an allocated\nbuffer. An attacker could use this issue to crash a victim's browser\nand run arbitrary code on their machine (CVE-2010-3772).\n\nSecurity researcher echo reported that a web page could open a window\nwith an about:blank location and then inject an \\<isindex\\> element\ninto that page which upon submission would redirect to a chrome:\ndocument. The effect of this defect was that the original page would\nwind up with a reference to a chrome-privileged object, the opened\nwindow, which could be leveraged for privilege escalation attacks\n(CVE-2010-3771).\n\nDirk Heinrich reported that on Windows platforms when document.write()\nwas called with a very long string a buffer overflow was caused in\nline breaking routines attempting to process the string for display.\nSuch cases triggered an invalid read past the end of an array causing\na crash which an attacker could potentially use to run arbitrary code\non a victim's computer (CVE-2010-3769).\n\nMozilla developers identified and fixed several memory safety bugs in\nthe browser engine used in Firefox and other Mozilla-based products.\nSome of these bugs showed evidence of memory corruption under certain\ncircumstances, and we presume that with enough effort at least some of\nthese could be exploited to run arbitrary code (CVE-2010-3776,\nCVE-2010-3777).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&amp;products_id=4\n90\n\nAdditionally, some packages which require so, have been rebuilt and\nare being provided as updates.\n\nUpdate :\n\nA mistake was done with the MDVSA-2010:251 and the MDVSA-2010:251-1\nadvisories where the localization files for firefox software was NOT\nupdated to the 3.6.13 version. The secteam wishes to apologise for the\nunfortunate mistake and also wishes everyone a great christmas.\n\nRegards // Santa Claus\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4c81664e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-en_GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-es_AR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-es_ES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ga_IE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-gu_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ku\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nb_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nn_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pa_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pt_PT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sv_SE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-af-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ar-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-be-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-bg-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-bn-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ca-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-cs-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-cy-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-da-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-de-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-el-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-en_GB-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-eo-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-es_AR-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-es_ES-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-et-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-eu-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-fi-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-fr-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-fy-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ga_IE-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-gl-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-gu_IN-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-he-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-hi-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-hu-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-id-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-is-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-it-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ja-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ka-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-kn-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ko-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ku-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-lt-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-lv-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-mk-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-mr-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-nb_NO-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-nl-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-nn_NO-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-oc-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-pa_IN-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-pl-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-pt_BR-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-pt_PT-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ro-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-ru-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-si-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-sk-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-sl-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-sq-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-sr-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-sv_SE-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-te-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-th-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-tr-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-uk-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-zh_CN-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"firefox-zh_TW-3.6.13-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:10:31", "references": ["http://www.nessus.org/u?78d33b3f", "https://bugzilla.redhat.com/show_bug.cgi?id=660439", "http://www.nessus.org/u?66cc8e92", "http://www.nessus.org/u?4c81664e", "https://bugzilla.redhat.com/show_bug.cgi?id=660408", "http://www.nessus.org/u?1c525a34", "https://bugzilla.redhat.com/show_bug.cgi?id=660435", "http://www.nessus.org/u?2324f8b5", "http://www.nessus.org/u?0355bd09", "https://bugzilla.redhat.com/show_bug.cgi?id=660420", "https://bugzilla.redhat.com/show_bug.cgi?id=660422", "https://bugzilla.redhat.com/show_bug.cgi?id=660419", "https://bugzilla.redhat.com/show_bug.cgi?id=660438", "http://www.nessus.org/u?bbb73d46", "https://bugzilla.redhat.com/show_bug.cgi?id=660431", "http://www.nessus.org/u?1ac95e28", "https://bugzilla.redhat.com/show_bug.cgi?id=660417", "https://bugzilla.redhat.com/show_bug.cgi?id=660429", "https://bugzilla.redhat.com/show_bug.cgi?id=660415"], "pluginID": "51130", "description": "Update to new upstream Firefox version 3.6.13, fixing multiple security issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox36.html#f irefox3.6.13\n\nUpdate also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2010-12-12T00:00:00", "title": "Fedora 14 : firefox-3.6.13-1.fc14 / galeon-2.0.7-36.fc14.1 / gnome-python2-extras-2.25.3-26.fc14.1 / etc (2010-18773)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2018-07-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:xulrunner", "p-cpe:/a:fedoraproject:fedora:firefox", "p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed", "cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:gnome-python2-extras", "p-cpe:/a:fedoraproject:fedora:gnome-web-photo", "p-cpe:/a:fedoraproject:fedora:galeon", "p-cpe:/a:fedoraproject:fedora:mozvoikko"], "id": "FEDORA_2010-18773.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51130", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18773.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51130);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/12 15:01:52\");\n\n script_cve_id(\"CVE-2010-0179\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_xref(name:\"FEDORA\", value:\"2010-18773\");\n\n script_name(english:\"Fedora 14 : firefox-3.6.13-1.fc14 / galeon-2.0.7-36.fc14.1 / gnome-python2-extras-2.25.3-26.fc14.1 / etc (2010-18773)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream Firefox version 3.6.13, fixing multiple\nsecurity issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/firefox36.html#f\nirefox3.6.13\n\nUpdate also includes all packages depending on gecko-libs rebuilt\nagainst new version of Firefox / XULRunner.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4c81664e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660415\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660419\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660420\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660438\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=660439\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052029.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1c525a34\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052030.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0355bd09\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052031.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?78d33b3f\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ac95e28\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052033.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2324f8b5\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052034.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?66cc8e92\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052035.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bbb73d46\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:galeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-python2-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-web-photo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mozvoikko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"firefox-3.6.13-1.fc14\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"galeon-2.0.7-36.fc14.1\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"gnome-python2-extras-2.25.3-26.fc14.1\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"gnome-web-photo-0.9-16.fc14.1\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"mozvoikko-1.0-17.fc14.1\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"perl-Gtk2-MozEmbed-0.08-6.fc14.22\")) flag++;\nif (rpm_check(release:\"FC14\", reference:\"xulrunner-1.9.2.13-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / galeon / gnome-python2-extras / gnome-web-photo / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:50:03", "references": ["http://www.nessus.org/u?85f202a0", "http://www.mozilla.org/security/announce/2010/mfsa2010-84.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-76.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-80.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-82.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-79.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-77.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-83.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-74.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-81.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-75.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-78.html"], "pluginID": "51132", "description": "The Mozilla Project reports :\n\nMFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)\n\nMFSA 2010-75 Buffer overflow while line breaking after document.write with long string\n\nMFSA 2010-76 Chrome privilege escalation with window.open and isindex element\n\nMFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree\n\nMFSA 2010-78 Add support for OTS font sanitizer\n\nMFSA 2010-79 Java security bypass from LiveConnect loaded via data:\nURL meta refresh\n\nMFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver\n\nMFSA 2010-81 Integer overflow vulnerability in NewIdArray\n\nMFSA 2010-82 Incomplete fix for CVE-2010-0179\n\nMFSA 2010-83 Location bar SSL spoofing using network error page\n\nMFSA 2010-84 XSS hazard in multiple character encodings", "edition": 4, "reporter": "Tenable", "published": "2010-12-12T00:00:00", "title": "FreeBSD : mozilla -- multiple vulnerabilities (1d8ff4a2-0445-11e0-8e32-000f20797ede)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2015-05-13T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-thunderbird", "p-cpe:/a:freebsd:freebsd:linux-firefox", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:libxul", "p-cpe:/a:freebsd:freebsd:seamonkey", "p-cpe:/a:freebsd:freebsd:linux-seamonkey", "p-cpe:/a:freebsd:freebsd:firefox", "p-cpe:/a:freebsd:freebsd:linux-firefox-devel", "p-cpe:/a:freebsd:freebsd:thunderbird"], "id": "FREEBSD_PKG_1D8FF4A2044511E08E32000F20797EDE.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51132", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2015 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51132);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2015/05/13 14:37:08 $\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3769\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-3778\");\n\n script_name(english:\"FreeBSD : mozilla -- multiple vulnerabilities (1d8ff4a2-0445-11e0-8e32-000f20797ede)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla Project reports :\n\nMFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/\n1.9.1.16)\n\nMFSA 2010-75 Buffer overflow while line breaking after document.write\nwith long string\n\nMFSA 2010-76 Chrome privilege escalation with window.open and isindex\nelement\n\nMFSA 2010-77 Crash and remote code execution using HTML tags inside a\nXUL tree\n\nMFSA 2010-78 Add support for OTS font sanitizer\n\nMFSA 2010-79 Java security bypass from LiveConnect loaded via data:\nURL meta refresh\n\nMFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver\n\nMFSA 2010-81 Integer overflow vulnerability in NewIdArray\n\nMFSA 2010-82 Incomplete fix for CVE-2010-0179\n\nMFSA 2010-83 Location bar SSL spoofing using network error page\n\nMFSA 2010-84 XSS hazard in multiple character encodings\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-74.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-75.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-76.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-77.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-78.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-79.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-80.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-81.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-82.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-83.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-84.html\"\n );\n # http://www.freebsd.org/ports/portaudit/1d8ff4a2-0445-11e0-8e32-000f20797ede.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?85f202a0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxul\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"firefox>3.6.*,1<3.6.13,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"firefox>3.5.*,1<3.5.16,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libxul>1.9.2.*<1.9.2.13\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox<3.6.13,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox-devel<3.5.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-seamonkey>2.0.*<2.0.11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-thunderbird>=3.1<3.1.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"seamonkey>2.0.*<2.0.11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird>=3.0<3.0.11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird>=3.1<3.1.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:05:41", "references": ["https://www.redhat.com/security/data/cve/CVE-2010-3773.html", "http://code.google.com/p/ots/", "https://www.redhat.com/security/data/cve/CVE-2010-3774.html", "https://www.redhat.com/security/data/cve/CVE-2010-3775.html", "https://www.redhat.com/security/data/cve/CVE-2010-3767.html", "https://www.redhat.com/security/data/cve/CVE-2010-3772.html", "http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#", "https://www.redhat.com/security/data/cve/CVE-2010-3771.html", "https://www.redhat.com/security/data/cve/CVE-2010-3770.html", "https://www.redhat.com/security/data/cve/CVE-2010-3776.html", "https://www.redhat.com/security/data/cve/CVE-2010-3766.html", "https://www.redhat.com/security/data/cve/CVE-2010-3777.html", "https://www.redhat.com/security/data/cve/CVE-2010-3768.html", "http://rhn.redhat.com/errata/RHSA-2010-0966.html"], "pluginID": "51107", "description": "Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.6.13. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 3.6.13, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "edition": 6, "reporter": "Tenable", "published": "2010-12-10T00:00:00", "title": "RHEL 4 / 5 / 6 : firefox (RHSA-2010:0966)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-07-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo", "p-cpe:/a:redhat:enterprise_linux:xulrunner", "cpe:/o:redhat:enterprise_linux:4.8", "p-cpe:/a:redhat:enterprise_linux:firefox", "p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo", "p-cpe:/a:redhat:enterprise_linux:xulrunner-devel", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2010-0966.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51107", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0966. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51107);\n script_version (\"1.19\");\n script_cvs_date(\"Date: 2018/07/25 18:58:05\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_bugtraq_id(45314, 45322, 45324, 45326, 45352, 45354);\n script_xref(name:\"RHSA\", value:\"2010:0966\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : firefox (RHSA-2010:0966)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.13. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.13, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3766.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3767.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3768.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3770.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3771.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3772.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3773.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3774.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3775.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3776.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2010-3777.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://code.google.com/p/ots/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2010-0966.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0966\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"firefox-3.6.13-3.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-3.6.13-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-1.9.2.13-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-devel-1.9.2.13-3.el5\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"firefox-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"firefox-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"firefox-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"firefox-debuginfo-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"firefox-debuginfo-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"firefox-debuginfo-3.6.13-2.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-1.9.2.13-3.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-debuginfo-1.9.2.13-3.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-devel-1.9.2.13-3.el6_0\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:58:32", "references": ["http://www.nessus.org/u?fa8b28d0", "http://www.nessus.org/u?54c6a6f7"], "pluginID": "51362", "description": "Update to new upstream SeaMonkey version 2.0.11, fixing multiple security issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html #seamonkey2.0.11\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2010-12-23T00:00:00", "title": "Fedora 14 : seamonkey-2.0.11-1.fc14 (2010-18920)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:seamonkey"], "id": "FEDORA_2010-18920.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51362", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18920.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51362);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/12 15:01:52\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3769\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-3778\");\n script_xref(name:\"FEDORA\", value:\"2010-18920\");\n\n script_name(english:\"Fedora 14 : seamonkey-2.0.11-1.fc14 (2010-18920)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream SeaMonkey version 2.0.11, fixing multiple\nsecurity issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html\n#seamonkey2.0.11\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.11\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa8b28d0\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54c6a6f7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"seamonkey-2.0.11-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:52:24", "references": ["http://www.nessus.org/u?07ff809e", "http://www.nessus.org/u?2cbaaf23"], "pluginID": "51777", "description": "Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website with an object containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to Firefox. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug add-on was used. If a user visited a website containing malicious JavaScript while the Firebug add-on was enabled, it could cause Firefox to execute arbitrary JavaScript with the privileges of the user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A malicious website could trick a user into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If server-side script filtering missed these cases, it could result in Firefox executing JavaScript code with the permissions of a different website. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.6.13. You can find a link to the Mozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain Firefox version 3.6.13, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.", "edition": 5, "reporter": "Tenable", "published": "2011-01-28T00:00:00", "title": "CentOS 4 : firefox (CESA-2010:0966)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-07-02T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:firefox"], "id": "CENTOS_RHSA-2010-0966.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51777", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0966 and \n# CentOS Errata and Security Advisory 2010:0966 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51777);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/02 18:48:52\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\");\n script_bugtraq_id(45314, 45322, 45324, 45326, 45352, 45354);\n script_xref(name:\"RHSA\", value:\"2010:0966\");\n\n script_name(english:\"CentOS 4 : firefox (CESA-2010:0966)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772,\nCVE-2010-3776, CVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A\nwebsite with an object containing malicious JavaScript could cause\nFirefox to execute that JavaScript with the privileges of the user\nrunning Firefox. (CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library\nto Firefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use.\n(CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way\nthat would result in the plug-in object having elevated privileges,\nallowing it to execute Java code with the privileges of the user\nrunning Firefox. (CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the\nFirebug add-on was used. If a user visited a website containing\nmalicious JavaScript while the Firebug add-on was enabled, it could\ncause Firefox to execute arbitrary JavaScript with the privileges of\nthe user running Firefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to\nusers. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox\nx-mac-arabic, x-mac-farsi, and x-mac-hebrew character encodings.\nCertain characters were converted to angle brackets when displayed. If\nserver-side script filtering missed these cases, it could result in\nFirefox executing JavaScript code with the permissions of a different\nwebsite. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.13. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.13, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2011-January/017227.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2cbaaf23\"\n );\n # http://lists.centos.org/pipermail/centos-announce/2011-January/017228.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?07ff809e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"firefox-3.6.13-3.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"firefox-3.6.13-3.el4.centos\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:51:48", "references": ["http://www.nessus.org/u?fa8b28d0", "http://www.nessus.org/u?71e20e05"], "pluginID": "51361", "description": "Update to new upstream SeaMonkey version 2.0.11, fixing multiple security issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html #seamonkey2.0.11\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2010-12-23T00:00:00", "title": "Fedora 13 : seamonkey-2.0.11-1.fc13 (2010-18890)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-07-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:seamonkey"], "id": "FEDORA_2010-18890.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51361", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-18890.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51361);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/12 15:01:52\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3769\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-3778\");\n script_xref(name:\"FEDORA\", value:\"2010-18890\");\n\n script_name(english:\"Fedora 13 : seamonkey-2.0.11-1.fc13 (2010-18890)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream SeaMonkey version 2.0.11, fixing multiple\nsecurity issues detailed in the upstream advisories :\n\nhttp://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html\n#seamonkey2.0.11\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.11\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa8b28d0\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?71e20e05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"seamonkey-2.0.11-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:02:34", "references": [], "pluginID": "51114", "description": "Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3776, CVE-2010-3777, CVE-2010-3778)\n\nIt was discovered that Firefox did not properly verify the about:blank location elements when it was opened via window.open(). An attacker could exploit this to run arbitrary code with chrome privileges.\n(CVE-2010-3771)\n\nIt was discovered that Firefox did not properly handle &lt;div&gt;\nelements when processing a XUL tree. If a user were tricked into opening a malicious web page, an attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3772)\n\nMarc Schoenefeld and Christoph Diehl discovered several problems when handling downloadable fonts. The new OTS font sanitizing library was added to mitigate these issues. (CVE-2010-3768)\n\nGregory Fleischer discovered that the Java LiveConnect script could be made to run in the wrong security context. An attacker could exploit this to read local files and run arbitrary code as the user invoking the program. (CVE-2010-3775)\n\nSeveral problems were discovered in the JavaScript engine. If a user were tricked into opening a malicious web page, an attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3773)\n\nMichal Zalewski discovered that Firefox did not always properly handle displaying pages from network or certificate errors. An attacker could exploit this to spoof the location bar, such as in a phishing attack.\n(CVE-2010-3774)\n\nYosuke Hasegawa and Masatoshi Kimura discovered that several character encodings would have some characters converted to angle brackets. An attacker could utilize this to perform cross-site scripting attacks.\n(CVE-2010-3770).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2010-12-10T00:00:00", "title": "Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : firefox, firefox-{3.0,3.5}, xulrunner-1.9.{1,2} vulnerabilities (USN-1019-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2018-08-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:abrowser", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-dev", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2", "p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-testsuite", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.1-dbg", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.1-dev", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-dom-inspector", "p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-testsuite-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-2-libthai", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:firefox-libthai", "p-cpe:/a:canonical:ubuntu_linux:abrowser-3.1", "p-cpe:/a:canonical:ubuntu_linux:firefox-branding", "p-cpe:/a:canonical:ubuntu_linux:abrowser-3.5-branding", "p-cpe:/a:canonical:ubuntu_linux:firefox-2-dbg", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1-dbg", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-dev", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1", "p-cpe:/a:canonical:ubuntu_linux:firefox-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dom-inspector", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:abrowser-3.5", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-venkman", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.5", "p-cpe:/a:canonical:ubuntu_linux:firefox-2-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1-testsuite", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-gnome-support", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-dbg", "p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support-dbg", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-branding", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-dbg", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.1", "cpe:/o:canonical:ubuntu_linux:10.10", "p-cpe:/a:canonical:ubuntu_linux:firefox-2-dom-inspector", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1-testsuite-dev", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:abrowser-branding", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.1-branding", "p-cpe:/a:canonical:ubuntu_linux:firefox-trunk", "p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso", "p-cpe:/a:canonical:ubuntu_linux:firefox-2-dev", "p-cpe:/a:canonical:ubuntu_linux:abrowser-3.0-branding", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.1-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0", "p-cpe:/a:canonical:ubuntu_linux:firefox-dbg", "p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dev", "p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-branding", "p-cpe:/a:canonical:ubuntu_linux:firefox-2", "p-cpe:/a:canonical:ubuntu_linux:abrowser-3.1-branding", "p-cpe:/a:canonical:ubuntu_linux:abrowser-3.0", "p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9"], "id": "UBUNTU_USN-1019-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=51114", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1019-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51114);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/08/01 17:36:14\");\n\n script_cve_id(\"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-3778\");\n script_bugtraq_id(45314, 45322);\n script_xref(name:\"USN\", value:\"1019-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : firefox, firefox-{3.0,3.5}, xulrunner-1.9.{1,2} vulnerabilities (USN-1019-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov\ndiscovered several memory issues in the browser engine. An attacker\ncould exploit these to crash the browser or possibly run arbitrary\ncode as the user invoking the program. (CVE-2010-3776, CVE-2010-3777,\nCVE-2010-3778)\n\nIt was discovered that Firefox did not properly verify the about:blank\nlocation elements when it was opened via window.open(). An attacker\ncould exploit this to run arbitrary code with chrome privileges.\n(CVE-2010-3771)\n\nIt was discovered that Firefox did not properly handle &lt;div&gt;\nelements when processing a XUL tree. If a user were tricked into\nopening a malicious web page, an attacker could exploit this to crash\nthe browser or possibly run arbitrary code as the user invoking the\nprogram. (CVE-2010-3772)\n\nMarc Schoenefeld and Christoph Diehl discovered several problems when\nhandling downloadable fonts. The new OTS font sanitizing library was\nadded to mitigate these issues. (CVE-2010-3768)\n\nGregory Fleischer discovered that the Java LiveConnect script could be\nmade to run in the wrong security context. An attacker could exploit\nthis to read local files and run arbitrary code as the user invoking\nthe program. (CVE-2010-3775)\n\nSeveral problems were discovered in the JavaScript engine. If a user\nwere tricked into opening a malicious web page, an attacker could\nexploit this to crash the browser or possibly run arbitrary code as\nthe user invoking the program. (CVE-2010-3766, CVE-2010-3767,\nCVE-2010-3773)\n\nMichal Zalewski discovered that Firefox did not always properly handle\ndisplaying pages from network or certificate errors. An attacker could\nexploit this to spoof the location bar, such as in a phishing attack.\n(CVE-2010-3774)\n\nYosuke Hasegawa and Masatoshi Kimura discovered that several character\nencodings would have some characters converted to angle brackets. An\nattacker could utilize this to perform cross-site scripting attacks.\n(CVE-2010-3770).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.0-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.1-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.5-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-libthai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-venkman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.1-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.1-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-libthai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-mozsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.1-testsuite-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-testsuite-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2018 Canonical, Inc. / NASL script (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"abrowser\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"abrowser-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-gnome-support-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-libthai\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-dbg\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-gnome-support\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-testsuite\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-testsuite-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"abrowser\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"abrowser-3.0\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"abrowser-3.0-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"abrowser-3.1\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"abrowser-3.1-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"abrowser-3.5\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"abrowser-3.5-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"abrowser-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-2\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-2-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-2-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-2-dom-inspector\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-2-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-2-libthai\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.0\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.0-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.0-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.0-dom-inspector\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.0-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.0-venkman\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.1\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.1-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.1-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.1-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.1-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.5\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.5-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.5-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.5-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-3.5-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-dom-inspector\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"firefox-gnome-support-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.1\", pkgver:\"1.9.1.16+build2+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.1-dbg\", pkgver:\"1.9.1.16+build2+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.1-dev\", pkgver:\"1.9.1.16+build2+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.1-gnome-support\", pkgver:\"1.9.1.16+build2+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.1-testsuite\", pkgver:\"1.9.1.16+build2+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.1-testsuite-dev\", pkgver:\"1.9.1.16+build2+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.2\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.2-dbg\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.2-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.2-gnome-support\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.2-testsuite\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-1.9.2-testsuite-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"xulrunner-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser-3.5\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser-3.5-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-dom-inspector\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-libthai\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.0\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.0-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.0-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-dev\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-gnome-support-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-mozsymbols\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-dbg\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-gnome-support\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-testsuite\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-testsuite-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"abrowser\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"abrowser-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"firefox\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"firefox-branding\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"firefox-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"firefox-gnome-support\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"firefox-gnome-support-dbg\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"firefox-mozsymbols\", pkgver:\"3.6.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"xulrunner-1.9.2\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"xulrunner-1.9.2-dbg\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"xulrunner-1.9.2-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"xulrunner-1.9.2-gnome-support\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"xulrunner-1.9.2-testsuite\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"xulrunner-1.9.2-testsuite-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"xulrunner-dev\", pkgver:\"1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"abrowser / abrowser-3.0 / abrowser-3.0-branding / abrowser-3.1 / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:41", "references": ["https://rhn.redhat.com/errata/RHSA-2010-0966.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.6.13-3.el4.centos", "packageFilename": "firefox-3.6.13-3.el4.centos.src.rpm", "packageName": "firefox", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.6.13-3.el4.centos", "packageFilename": "firefox-3.6.13-3.el4.centos.src.rpm", "packageName": "firefox", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.6.13-3.el4.centos", "packageFilename": "firefox-3.6.13-3.el4.centos.x86_64.rpm", "packageName": "firefox", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.6.13-3.el4.centos", "packageFilename": "firefox-3.6.13-3.el4.centos.i386.rpm", "packageName": "firefox", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0966\n\n\nMozilla Firefox is an open source web browser.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776,\nCVE-2010-3777)\n\nA flaw was found in the way Firefox handled malformed JavaScript. A website\nwith an object containing malicious JavaScript could cause Firefox to\nexecute that JavaScript with the privileges of the user running Firefox.\n(CVE-2010-3771)\n\nThis update adds support for the Sanitiser for OpenType (OTS) library to\nFirefox. This library helps prevent potential exploits in malformed\nOpenType fonts by verifying the font file prior to use. (CVE-2010-3768)\n\nA flaw was found in the way Firefox loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that\nwould result in the plug-in object having elevated privileges, allowing it\nto execute Java code with the privileges of the user running Firefox.\n(CVE-2010-3775)\n\nIt was found that the fix for CVE-2010-0179 was incomplete when the Firebug\nadd-on was used. If a user visited a website containing malicious\nJavaScript while the Firebug add-on was enabled, it could cause Firefox to\nexecute arbitrary JavaScript with the privileges of the user running\nFirefox. (CVE-2010-3773)\n\nA flaw was found in the way Firefox presented the location bar to users. A\nmalicious website could trick a user into thinking they are visiting the\nsite reported by the location bar, when the page is actually content\ncontrolled by an attacker. (CVE-2010-3774)\n\nA cross-site scripting (XSS) flaw was found in the Firefox x-mac-arabic,\nx-mac-farsi, and x-mac-hebrew character encodings. Certain characters were\nconverted to angle brackets when displayed. If server-side script filtering\nmissed these cases, it could result in Firefox executing JavaScript code\nwith the permissions of a different website. (CVE-2010-3770)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.6.13. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.6.13, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017227.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017228.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0966.html", "edition": 1, "reporter": "CentOS Project", "published": "2011-01-27T03:53:21", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "firefox security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2011-01-27T03:54:21", "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/017227.html", "id": "CESA-2010:0966", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:40", "references": ["http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B", "https://rhn.redhat.com/errata/RHSA-2010-0967.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-mail-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey-mail", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-1.0.9-66.el4.centos.src.rpm", "packageName": "seamonkey", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-1.0.9-66.el4.centos.src.rpm", "packageName": "seamonkey", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-devel-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey-dom-inspector", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-js-debugger-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey-js-debugger", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-js-debugger-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey-js-debugger", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-chat-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey-chat", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey-dom-inspector", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-chat-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey-chat", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-mail-1.0.9-66.el4.centos.i386.rpm", "packageName": "seamonkey-mail", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.0.9-66.el4.centos", "packageFilename": "seamonkey-devel-1.0.9-66.el4.centos.x86_64.rpm", "packageName": "seamonkey-devel", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0967\n\n\nSeaMonkey is an open source web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nSeaMonkey. (CVE-2010-3767, CVE-2010-3772, CVE-2010-3776)\n\nA flaw was found in the way SeaMonkey loaded Java LiveConnect scripts.\nMalicious web content could load a Java LiveConnect script in a way that\nwould result in the plug-in object having elevated privileges, allowing it\nto execute Java code with the privileges of the user running SeaMonkey.\n(CVE-2010-3775)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017229.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017230.html\n\n**Affected packages:**\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0967.html", "edition": 1, "reporter": "CentOS Project", "published": "2011-01-27T03:55:30", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "seamonkey security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767"], "modified": "2011-01-27T03:56:08", "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/017229.html", "id": "CESA-2010:0967", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:19", "references": ["http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B", "https://rhn.redhat.com/errata/RHSA-2010-0968.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4.centos", "arch": "x86_64", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.centos.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4.centos", "arch": "i386", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.centos.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4.centos", "arch": "any", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.5.0.12-34.el4.centos", "arch": "any", "packageName": "thunderbird", "packageFilename": "thunderbird-1.5.0.12-34.el4.centos.src.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0968\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content. HTML\ncontaining malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2010-3767, CVE-2010-3772, CVE-2010-3776)\n\nNote: JavaScript support is disabled by default in Thunderbird. The above\nissues are not exploitable unless JavaScript is enabled.\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017231.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017232.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0968.html", "edition": 1, "reporter": "CentOS Project", "published": "2011-01-27T03:58:08", "title": "thunderbird security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3776", "CVE-2010-3767"], "modified": "2011-01-27T03:58:34", "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/017231.html", "id": "CESA-2010:0968", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:38", "references": ["https://rhn.redhat.com/errata/RHSA-2010-0332.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.19-1.el4.centos", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-3.0.19-1.el4.centos.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.19-1.el4.centos", "arch": "any", "packageName": "firefox", "packageFilename": "firefox-3.0.19-1.el4.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.19-1.el4.centos", "arch": "any", "packageName": "firefox", "packageFilename": "firefox-3.0.19-1.el4.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.0.19-1.el4.centos", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-3.0.19-1.el4.centos.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0332\n\n\nMozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral use-after-free flaws were found in Firefox. Visiting a web page\ncontaining malicious content could result in Firefox executing arbitrary\ncode with the privileges of the user running Firefox. (CVE-2010-0175,\nCVE-2010-0176, CVE-2010-0177)\n\nA flaw was found in Firefox that could allow an applet to generate a drag\nand drop action from a mouse click. Such an action could be used to execute\narbitrary JavaScript with the privileges of the user running Firefox.\n(CVE-2010-0178)\n\nA privilege escalation flaw was found in Firefox when the Firebug add-on is\nin use. The XMLHttpRequestSpy module in the Firebug add-on exposes a Chrome\nprivilege escalation flaw that could be used to execute arbitrary\nJavaScript with the privileges of the user running Firefox. (CVE-2010-0179)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-0174)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.19. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.19, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-April/016623.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-April/016624.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0332.html", "edition": 1, "reporter": "CentOS Project", "published": "2010-04-06T22:01:59", "title": "firefox security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0176", "CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0178", "CVE-2010-0177", "CVE-2010-0179"], "modified": "2010-04-06T22:04:29", "href": "http://lists.centos.org/pipermail/centos-announce/2010-April/016623.html", "id": "CESA-2010:0332", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:45", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3767", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3775", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3778", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3773", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3770", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3774", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3768", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3771", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3776", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3772", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3766"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.10.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.8.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "1.9.1.16+build2+nobinonly-0ubuntu0.9.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.9.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.5", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.10.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "abrowser", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "1.9.2.13+build3+nobinonly-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "abrowser", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "1.9.2.13+build3+nobinonly-0ubuntu0.8.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "1.9.2.13+build3+nobinonly-0ubuntu0.9.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "3.6.13+build3+nobinonly-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "1.9.2.13+build3+nobinonly-0ubuntu0.10.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9.2", "operator": "lt"}], "description": "Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3776, CVE-2010-3777, CVE-2010-3778)\n\nIt was discovered that Firefox did not properly verify the about:blank location elements when it was opened via window.open(). An attacker could exploit this to run arbitrary code with chrome privileges. (CVE-2010-3771)\n\nIt was discovered that Firefox did not properly handle &lt;div&gt; elements when processing a XUL tree. If a user were tricked into opening a malicious web page, an attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3772)\n\nMarc Schoenefeld and Christoph Diehl discovered several problems when handling downloadable fonts. The new OTS font sanitizing library was added to mitigate these issues. (CVE-2010-3768)\n\nGregory Fleischer discovered that the Java LiveConnect script could be made to run in the wrong security context. An attacker could exploit this to read local files and run arbitrary code as the user invoking the program. (CVE-2010-3775)\n\nSeveral problems were discovered in the JavaScript engine. If a user were tricked into opening a malicious web page, an attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3766, CVE-2010-3767, CVE-2010-3773)\n\nMichal Zalewski discovered that Firefox did not always properly handle displaying pages from network or certificate errors. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-3774)\n\nYosuke Hasegawa and Masatoshi Kimura discovered that several character encodings would have some characters converted to angle brackets. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-3770)", "edition": 3, "reporter": "Ubuntu", "published": "2010-12-09T00:00:00", "title": "Firefox and Xulrunner vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2010-12-09T00:00:00", "id": "USN-1019-1", "href": "https://usn.ubuntu.com/1019-1/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:42", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3778", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3768", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3776"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "3.1.7+build3+nobinonly-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.10", "packageVersion": "3.1.7+build3+nobinonly-0ubuntu0.10.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}], "description": "Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash THunderbird or possibly run arbitrary code as the user invoking the program. (CVE-2010-3776, CVE-2010-3777, CVE-2010-3778)\n\nMarc Schoenefeld and Christoph Diehl discovered several problems when handling downloadable fonts. The new OTS font sanitizing library was added to mitigate these issues. (CVE-2010-3768)", "edition": 3, "reporter": "Ubuntu", "published": "2010-12-09T00:00:00", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3768", "CVE-2010-3776"], "modified": "2010-12-09T00:00:00", "id": "USN-1020-1", "href": "https://usn.ubuntu.com/1020-1/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:23", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0179", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0175", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0177", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0178", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0176", "https://people.canonical.com/~ubuntu-security/cve/CVE-2010-0174"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "3.0.19+nobinonly-0ubuntu0.9.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "abrowser", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "3.0.19+nobinonly-0ubuntu0.8.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "3.0.19+nobinonly-0ubuntu0.8.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "3.0.19+nobinonly-0ubuntu0.9.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox-3.0", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "1.9.0.19+nobinonly-0ubuntu0.9.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "3.0.19+nobinonly-0ubuntu0.8.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "abrowser", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "1.9.0.19+nobinonly-0ubuntu0.8.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "1.9.0.19+nobinonly-0ubuntu0.8.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "xulrunner-1.9", "operator": "lt"}], "description": "Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0174)\n\nIt was discovered that Firefox could be made to access previously freed memory. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0175, CVE-2010-0176, CVE-2010-0177)\n\nPaul Stone discovered that Firefox could be made to change a mouse click into a drag and drop event. If the user could be tricked into performing this action twice on a crafted website, an attacker could execute arbitrary JavaScript with chrome privileges. (CVE-2010-0178)\n\nIt was discovered that the XMLHttpRequestSpy module as used by the Firebug add-on could be used to escalate privileges within the browser. If the user had the Firebug add-on installed and were tricked into viewing a malicious website, an attacker could potentially run arbitrary JavaScript. (CVE-2010-0179)", "edition": 3, "reporter": "Ubuntu", "published": "2010-04-09T00:00:00", "title": "Firefox 3.0 and Xulrunner vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0176", "CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0178", "CVE-2010-0177", "CVE-2010-0179"], "modified": "2010-04-09T00:00:00", "id": "USN-920-1", "href": "https://usn.ubuntu.com/920-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:39:34", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "i386", "packageFilename": "firefox-3.6.13-2.0.1.el5.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "i386", "packageFilename": "firefox-3.6.13-2.0.1.el5.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "i386", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.i386.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "i386", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.i386.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.6.13-2.0.1.el6_0", "arch": "x86_64", "packageFilename": "firefox-3.6.13-2.0.1.el6_0.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "i686", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el6_0.i686.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "i686", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el6_0.i686.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "src", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "src", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "src", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "i686", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el6_0.i686.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "i686", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el6_0.i686.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "x86_64", "packageFilename": "firefox-3.6.13-2.0.1.el5.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "x86_64", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el6_0.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "src", "packageFilename": "firefox-3.6.13-3.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "src", "packageFilename": "firefox-3.6.13-3.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "src", "packageFilename": "firefox-3.6.13-3.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "x86_64", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el6_0.x86_64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "ia64", "packageFilename": "firefox-3.6.13-2.0.1.el5.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "x86_64", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el5.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "i386", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el5.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "i386", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el5.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "ia64", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.ia64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "x86_64", "packageFilename": "firefox-3.6.13-3.0.1.el4.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "src", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el6_0.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.9.2.13-3.0.1.el6_0", "arch": "src", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el6_0.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "i386", "packageFilename": "firefox-3.6.13-3.0.1.el4.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.6.13-2.0.1.el6_0", "arch": "i686", "packageFilename": "firefox-3.6.13-2.0.1.el6_0.i686.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "src", "packageFilename": "firefox-3.6.13-2.0.1.el5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "src", "packageFilename": "firefox-3.6.13-2.0.1.el5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.6.13-2.0.1.el5", "arch": "src", "packageFilename": "firefox-3.6.13-2.0.1.el5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.6.13-2.0.1.el6_0", "arch": "src", "packageFilename": "firefox-3.6.13-2.0.1.el6_0.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.6.13-2.0.1.el6_0", "arch": "src", "packageFilename": "firefox-3.6.13-2.0.1.el6_0.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "x86_64", "packageFilename": "xulrunner-1.9.2.13-3.0.1.el5.x86_64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.6.13-3.0.1.el4", "arch": "ia64", "packageFilename": "firefox-3.6.13-3.0.1.el4.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.2.13-3.0.1.el5", "arch": "ia64", "packageFilename": "xulrunner-devel-1.9.2.13-3.0.1.el5.ia64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}], "description": " \nfirefox:\r\n \n[3.6.13-1.0.1.el6_0]\r\n- Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js\r\n [bugz 11762]\r\n \n[3.6.13-2]\r\n- Update to 3.6.13 build3\r\n \n[3.6.13-1]\r\n- Update to 3.6.13\r\n \n[3.6.12-1]\r\n- Update to 3.6.12\r\n \n[3.6.11-1]\r\n- Update to 3.6.11\r\n \nxulrunner:\r\n \n[1.9.2.13-3.0.1.el6_0]\r\n- Added xulrunner-oracle-default-prefs.js and removed the corresponding\r\n RedHat one. Bug#11487\r\n \n[1.9.2.13-3]\r\n- Update to 1.9.2.13 build3\r\n \n[1.9.2.13-2]\r\n- Update to 1.9.2.13 build2\r\n \n[1.9.2.13-1]\r\n- Update to 1.9.2.13\r\n \n[1.9.2.12-1]\r\n- Update to 1.9.2.12\r\n \n[1.9.2.11-1]\r\n- Update to 1.9.2.1", "edition": 3, "reporter": "Oracle", "published": "2010-12-10T00:00:00", "title": "firefox security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3774", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2010-12-10T00:00:00", "id": "ELSA-2010-0966", "href": "http://linux.oracle.com/errata/ELSA-2010-0966.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:47:33", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.1.7-3.0.1.el6_0", "arch": "i686", "packageFilename": "thunderbird-3.1.7-3.0.1.el6_0.i686.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.1.7-3.0.1.el6_0", "arch": "src", "packageFilename": "thunderbird-3.1.7-3.0.1.el6_0.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.1.7-3.0.1.el6_0", "arch": "src", "packageFilename": "thunderbird-3.1.7-3.0.1.el6_0.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.1.7-3.0.1.el6_0", "arch": "x86_64", "packageFilename": "thunderbird-3.1.7-3.0.1.el6_0.x86_64.rpm", "packageName": "thunderbird", "operator": "lt"}], "description": "[3.1.7-3.0.1.el6]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[3.1.7-3]\n- Update to 3.1.7 build3\n[3.1.7-2]\n- Update to 3.1.7 build2\n[3.1.7-1]\n- Update to 3.1.7\n[3.1.6-1]\n- Update to 3.1.6\n[3.1.5-1]\n- Update to 3.1.5", "edition": 3, "reporter": "Oracle", "published": "2011-02-10T00:00:00", "title": "thunderbird security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3777", "CVE-2010-3768", "CVE-2010-3776"], "modified": "2011-02-10T00:00:00", "id": "ELSA-2010-0969", "href": "http://linux.oracle.com/errata/ELSA-2010-0969.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:42:10", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-devel-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-js-debugger-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-mail-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-devel-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-mail-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "src", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.src.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "src", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.src.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "src", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.src.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-chat-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey-chat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-js-debugger-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-devel-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-js-debugger-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey-js-debugger", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-mail-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey-mail", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "x86_64", "packageFilename": "seamonkey-chat-1.0.9-66.0.1.el4_8.x86_64.rpm", "packageName": "seamonkey-chat", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "i386", "packageFilename": "seamonkey-dom-inspector-1.0.9-66.0.1.el4_8.i386.rpm", "packageName": "seamonkey-dom-inspector", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.0.9-66.0.1.el4_8", "arch": "ia64", "packageFilename": "seamonkey-chat-1.0.9-66.0.1.el4_8.ia64.rpm", "packageName": "seamonkey-chat", "operator": "lt"}], "description": "[1.0.9-66.0.1.el4_8]\n- Add mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html\n and remove corresponding RedHat ones\n[1.0.9-66.el4]\n- Added fixes from 1.9.1.16", "edition": 3, "reporter": "Oracle", "published": "2010-12-10T00:00:00", "title": "seamonkey security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767"], "modified": "2010-12-10T00:00:00", "id": "ELSA-2010-0967", "href": "http://linux.oracle.com/errata/ELSA-2010-0967.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:46:09", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "x86_64", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.x86_64.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "ia64", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.ia64.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "i386", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.i386.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "src", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "src", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "1.5.0.12-34.0.1.el4", "arch": "src", "packageFilename": "thunderbird-1.5.0.12-34.0.1.el4.src.rpm", "packageName": "thunderbird", "operator": "lt"}], "description": "[1.5.0.12-34.0.1.el4]\n- Add thunderbird-oracle-default-prefs.js for errata rebuild and remove\n thunderbird-redhat-default-prefs.js\n Replaced clean.gif in tarball\n[1.5.0.12-34]\n- Added fixes from 1.9.1.16", "edition": 3, "reporter": "Oracle", "published": "2010-12-10T00:00:00", "title": "thunderbird security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3776", "CVE-2010-3767"], "modified": "2010-12-10T00:00:00", "id": "ELSA-2010-0968", "href": "http://linux.oracle.com/errata/ELSA-2010-0968.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:48:47", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "ia64", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el4.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "i386", "packageFilename": "firefox-3.0.19-1.0.1.el4.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "ia64", "packageFilename": "xulrunner-devel-1.9.0.19-1.0.1.el5_5.ia64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "x86_64", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.x86_64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "ia64", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.ia64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "ia64", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.0.1.el5_5.ia64.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "xulrunner-devel-1.9.0.19-1.0.1.el5_5.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "xulrunner-devel-1.9.0.19-1.0.1.el5_5.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "x86_64", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.0.1.el5_5.x86_64.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "x86_64", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "ia64", "packageFilename": "firefox-3.0.19-1.0.1.el4.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "x86_64", "packageFilename": "xulrunner-devel-1.9.0.19-1.0.1.el5_5.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "xulrunner-devel-unstable-1.9.0.19-1.0.1.el5_5.i386.rpm", "packageName": "xulrunner-devel-unstable", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "3.0.19-1.0.1.el5_5", "arch": "src", "packageFilename": "firefox-3.0.19-1.0.1.el5_5.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.0.19-1.0.1.el4", "arch": "x86_64", "packageFilename": "firefox-3.0.19-1.0.1.el4.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.i386.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.0.1.el5_5", "arch": "i386", "packageFilename": "xulrunner-1.9.0.19-1.0.1.el5_5.i386.rpm", "packageName": "xulrunner", "operator": "lt"}], "description": "firefox:\r\n \n[3.0.19-1.0.1.el5_5]\r\n- Update firstrun and homepage URLs in specfile\r\n- Added patch oracle-firefox-branding.patch\r\n- Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html\r\n and removed the corresponding RedHat ones\r\n \n[3.0.19-1]\r\n- Update to 3.0.19\r\n \nxulrunner:\r\n \n[1.9.0.19-1.0.1.el5_5]\r\n- Added xulrunner-oracle-default-prefs.js and removed the corresponding\r\n RedHat one.\r\n \n[1.9.0.19-1]\r\n- Update to 1.9.0.19", "edition": 3, "reporter": "Oracle", "published": "2010-03-31T00:00:00", "title": "firefox security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0176", "CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0178", "CVE-2010-0177", "CVE-2010-0179"], "modified": "2010-03-31T00:00:00", "id": "ELSA-2010-0332", "href": "http://linux.oracle.com/errata/ELSA-2010-0332.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:39", "references": ["https://vulners.com/securityvulns/securityvulns:doc:25264", "https://vulners.com/securityvulns/securityvulns:doc:25265", "https://vulners.com/securityvulns/securityvulns:doc:25270", "https://vulners.com/securityvulns/securityvulns:doc:25263", "https://vulners.com/securityvulns/securityvulns:doc:25273", "https://vulners.com/securityvulns/securityvulns:doc:25271", "https://vulners.com/securityvulns/securityvulns:doc:25274", "https://vulners.com/securityvulns/securityvulns:doc:25268", "https://vulners.com/securityvulns/securityvulns:doc:25267", "https://vulners.com/securityvulns/securityvulns:doc:25272", "https://vulners.com/securityvulns/securityvulns:doc:25266", "https://vulners.com/securityvulns/securityvulns:doc:25269"], "description": "Multiple memory corruptions, buffer overflows, vode execution protection bypass, privilege escalation, etc.", "edition": 1, "reporter": "BUGTRAQ", "published": "2010-12-10T00:00:00", "title": "Mozilla Firefox / Thinderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:39", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "3.6", "operator": "eq"}, {"name": "SeaMonkey", "version": "2.0", "operator": "eq"}, {"name": "Thunderbird", "version": "3.0", "operator": "eq"}, {"name": "Thunderbird", "version": "3.1", "operator": "eq"}, {"name": "Firefox", "version": "3.5", "operator": "eq"}], "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:VULN:11286", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11286", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-82\r\n\r\nTitle: Incomplete fix for CVE-2010-0179\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: moz_bug_r_a4\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nMozilla security researcher moz_bug_r_a4 reported that the fix for CVE-2010-0179 could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=554449\r\n * CVE-2010-3773\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-82", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3773", "CVE-2010-0179"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25271", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25271", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-74\r\n\r\nTitle: Miscellaneous memory safety hazards &#40;rv:1.9.2.13/ 1.9.1.16&#41;\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: Mozilla developers and community\r\nProducts: Firefox, Thunderbird, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n Thunderbird 3.1.7\r\n Thunderbird 3.0.11\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nMozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.\r\nReferences\r\n\r\nJesee Ruderman, Andreas Gal, Nils, and Brian Hackett reported memory safety problems that affected Firefox 3.6 and Firefox 3.5.\r\n\r\n * Memory safety bugs - Firefox 3.6, Firefox 3.5\r\n * CVE-2010-3776\r\n\r\nIgor Bukanov reported a memory safety problem that was fixed in Firefox 3.6 only.\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=599607\r\n * CVE-2010-3777\r\n\r\nJesse Ruderman reported a crash which affected Firefox 3.5 only.\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=411835\r\n * CVE-2010-3778\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-74", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 10.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3776"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25263", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25263", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-80\r\n\r\nTitle: Use-after-free error with nsDOMAttribute MutationObserver\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: regenrecht\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nSecurity researcher regenrecht reported via TippingPoint&#39;s Zero Day Initiative that a nsDOMAttribute node can be modified without informing the iterator object responsible for various DOM traversals. This flaw could lead to a inconsistent state where the iterator points to an object it believes is part of the DOM but actually points to some other object. If such an object had been deleted and its memory reclaimed by the system, then the iterator could be used to call into attacker-controlled memory.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=590771\r\n * CVE-2010-3766\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-80", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3766"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25269", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25269", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-79\r\n\r\nTitle: Java security bypass from LiveConnect loaded via data: URL meta refresh\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: Gregory Fleischer\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nSecurity researcher Gregory Fleischer reported that when a Java LiveConnect script was loaded via a data: URL which redirects via a meta refresh, then the resulting plugin object was created with the wrong security principal and thus received elevated privileges such as the abilities to read local files, launch processes, and create network connections.\r\nReferences\r\n\r\n * Java LiveConnect bugs\r\n * CVE-2010-3775\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-79", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3775"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25268", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25268", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-78\r\n\r\nTitle: Add support for OTS font sanitizer\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: Marc Schoenefeld, Christoph Diehl\r\nProducts: Firefox, Thunderbird, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n Thunderbird 3.1.7\r\n Thunderbird 3.0.11\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nMozilla added the OTS font sanitizing library to prevent downloadable fonts from exposing vulnerabilities in the underlying OS font code. This library mitigates against several issues independently reported by Red Hat Security Response Team member Marc Schoenefeld and Mozilla security researcher Christoph Diehl.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=527276\r\n * CVE-2010-3768\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-78", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3768"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25267", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25267", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-83\r\n\r\nTitle: Location bar SSL spoofing using network error page\r\nImpact: High\r\nAnnounced: December 9, 2010\r\nReporter: Michal Zalewski\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nGoogle security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. An attacker could use this bug to spoof the location bar and trick a user into thinking they were on a different site than they actually were.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=602780\r\n * CVE-2010-3774\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-83", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 4.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3774"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25272", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25272", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-76\r\n\r\nTitle: Chrome privilege escalation with window.open and &lt;isindex&gt; element\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: echo\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nSecurity researcher echo reported that a web page could open a window with an about:blank location and then inject an &lt;isindex&gt; element into that page which upon submission would redirect to a chrome: document. The effect of this defect was that the original page would wind up with a reference to a chrome-privileged object, the opened window, which could be leveraged for privilege escalation attacks.\r\n\r\nMozilla security researcher moz_bug_r_a4 provided proof-of-concept code demonstrating how the above vulnerability could be used to run arbitrary code with chrome privileges.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=609437\r\n * CVE-2010-3771\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-76", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3771"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25265", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25265", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-84\r\n\r\nTitle: XSS hazard in multiple character encodings\r\nImpact: Moderate\r\nAnnounced: December 9, 2010\r\nReporter: Yosuke Hasegawa, Masatoshi Kimura\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nSecurity researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Sites using these character encodings would thus be potentially vulnerable to script injection attacks if their script filtering code fails to strip out these specific characters.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=601429\r\n * CVE-2010-3770\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-84", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3770"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25273", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25273", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:38", "references": [], "description": "Mozilla Foundation Security Advisory 2010-77\r\n\r\nTitle: Crash and remote code execution using HTML tags inside a XUL tree\r\nImpact: Critical\r\nAnnounced: December 9, 2010\r\nReporter: wushi\r\nProducts: Firefox, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.13\r\n Firefox 3.5.16\r\n SeaMonkey 2.0.11\r\nDescription\r\n\r\nSecurity researcher wushi of team509 reported that when a XUL tree had an HTML &lt;div&gt; element nested inside a &lt;treechildren&gt; element then code attempting to display content in the XUL tree would incorrectly treat the &lt;div&gt; element as a parent node to tree content underneath it resulting in incorrect indexes being calculated for the child content. These incorrect indexes were used in subsequent array operations which resulted in writing data past the end of an allocated buffer. An attacker could use this issue to crash a victim&#39;s browser and run arbitrary code on their machine.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=594547\r\n * CVE-2010-3772\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2010-12-10T00:00:00", "title": "Mozilla Foundation Security Advisory 2010-77", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:38", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2010-3772"], "modified": "2010-12-10T00:00:00", "id": "SECURITYVULNS:DOC:25266", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25266", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:17", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-84.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-76.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-80.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-82.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-79.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-77.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-83.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-74.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-81.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-75.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-78.html"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.5.16", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-firefox-devel", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.6.13,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-firefox", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.0.11", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "seamonkey", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.1.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-thunderbird", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.6.13,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-thunderbird", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.0", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.0.11", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.0.11", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-seamonkey", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.9.2.13", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxul", "operator": "lt"}], "description": "\nThe Mozilla Project reports:\n\nMFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)\nMFSA 2010-75 Buffer overflow while line breaking after document.write with long string\nMFSA 2010-76 Chrome privilege escalation with window.open and isindex element\nMFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree\nMFSA 2010-78 Add support for OTS font sanitizer\nMFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL meta refresh\nMFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver\nMFSA 2010-81 Integer overflow vulnerability in NewIdArray\nMFSA 2010-82 Incomplete fix for CVE-2010-0179\nMFSA 2010-83 Location bar SSL spoofing using network error page\nMFSA 2010-84 XSS hazard in multiple character encodings\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2010-12-09T00:00:00", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-3766"], "modified": "2010-12-09T00:00:00", "id": "1D8FF4A2-0445-11E0-8E32-000F20797EDE", "href": "https://vuxml.freebsd.org/freebsd/1d8ff4a2-0445-11e0-8e32-000f20797ede.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:15:21", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-24.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-17.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-19.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-18.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-23.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-22.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-16.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-21.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-20.html"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.0.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "seamonkey", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.12.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-f10-nss", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.0.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.12.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "nss", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.0", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "eq"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.0.19,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-firefox", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.5.9", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-firefox-devel", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.5.9,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}], "description": "\nMozilla Project reports:\n\nMFSA 2010-24 XMLDocument::load() doesn't check nsIContentPolicy\nMFSA 2010-23 Image src redirect to mailto: URL opens email editor\nMFSA 2010-22 Update NSS to support TLS renegotiation indication\nMFSA 2010-21 Arbitrary code execution with Firebug XMLHttpRequestSpy\nMFSA 2010-20 Chrome privilege escalation via forced URL drag and drop\nMFSA 2010-19 Dangling pointer vulnerability in nsPluginArray\nMFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView\nMFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection\nMFSA 2010-16 Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.9/ 1.9.0.19)\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2010-03-30T00:00:00", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0176", "CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0173", "CVE-2010-0178", "CVE-2010-0177", "CVE-2009-3555", "CVE-2010-0181", "CVE-2010-0179"], "modified": "2010-03-30T00:00:00", "id": "9CCFEE39-3C3B-11DF-9EDC-000F20797EDE", "href": "https://vuxml.freebsd.org/freebsd/9ccfee39-3c3b-11df-9edc-000f20797ede.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2016-09-02T18:22:48", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_sparc.deb", "arch": "sparc", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_s390.deb", "arch": "s390x", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_mips.deb", "arch": "mips", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_hppa.deb", "arch": "hppa", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_mips.deb", "arch": "mips", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_powerpc.deb", "arch": "ppc", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_alpha.deb", "arch": "alpha", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_i386.deb", "arch": "i686", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_i386.deb", "arch": "i686", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_s390.deb", "arch": "s390x", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_hppa.deb", "arch": "hppa", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_mips.deb", "arch": "mips", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_armel.deb", "arch": "armel", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_arm.deb", "arch": "arm", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_ia64.deb", "arch": "ia64", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_mips.deb", "arch": "mips", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_powerpc.deb", "arch": "ppc", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_i386.deb", "arch": "i686", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_hppa.deb", "arch": "hppa", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_mipsel.deb", "arch": "mipsel", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_armel.deb", "arch": "armel", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_hppa.deb", "arch": "hppa", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_hppa.deb", "arch": "hppa", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_i386.deb", "arch": "i686", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_sparc.deb", "arch": "sparc", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_mips.deb", "arch": "mips", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_mipsel.deb", "arch": "mipsel", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_mips.deb", "arch": "mips", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_alpha.deb", "arch": "alpha", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_s390.deb", "arch": "s390x", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_amd64.deb", "arch": "x86-64", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_mipsel.deb", "arch": "mipsel", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_arm.deb", "arch": "arm", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_ia64.deb", "arch": "ia64", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_powerpc.deb", "arch": "ppc", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_ia64.deb", "arch": "ia64", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_hppa.deb", "arch": "hppa", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_ia64.deb", "arch": "ia64", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_hppa.deb", "arch": "hppa", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_mipsel.deb", "arch": "mipsel", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_i386.deb", "arch": "i686", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_sparc.deb", "arch": "sparc", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_arm.deb", "arch": "arm", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_alpha.deb", "arch": "alpha", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_amd64.deb", "arch": "x86-64", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_s390.deb", "arch": "s390x", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_armel.deb", "arch": "armel", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_arm.deb", "arch": "arm", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_amd64.deb", "arch": "x86-64", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7.diff", "packageFilename": "xulrunner_1.9.0.19-7.diff.gz", "arch": "src", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_sparc.deb", "arch": "sparc", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_mipsel.deb", "arch": "mipsel", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_mipsel.deb", "arch": "mipsel", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_amd64.deb", "arch": "x86-64", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_mips.deb", "arch": "mips", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_s390.deb", "arch": "s390x", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_powerpc.deb", "arch": "ppc", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_ia64.deb", "arch": "ia64", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_armel.deb", "arch": "armel", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_hppa.deb", "arch": "hppa", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_alpha.deb", "arch": "alpha", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_s390.deb", "arch": "s390x", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_amd64.deb", "arch": "x86-64", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_armel.deb", "arch": "armel", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_armel.deb", "arch": "armel", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_i386.deb", "arch": "i686", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_s390.deb", "arch": "s390x", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_mips.deb", "arch": "mips", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_ia64.deb", "arch": "ia64", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_i386.deb", "arch": "i686", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_alpha.deb", "arch": "alpha", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19.orig", "packageFilename": "xulrunner_1.9.0.19.orig.tar.gz", "arch": "src", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_i386.deb", "arch": "i686", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_powerpc.deb", "arch": "ppc", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_ia64.deb", "arch": "ia64", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_alpha.deb", "arch": "alpha", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_armel.deb", "arch": "armel", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_arm.deb", "arch": "arm", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_arm.deb", "arch": "arm", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_amd64.deb", "arch": "x86-64", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_armel.deb", "arch": "armel", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_amd64.deb", "arch": "x86-64", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozillainterfaces-java_1.9.0.19-7_all.deb", "arch": "all", "packageName": "libmozillainterfaces-java", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_mipsel.deb", "arch": "mipsel", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_mipsel.deb", "arch": "mipsel", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_sparc.deb", "arch": "sparc", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_amd64.deb", "arch": "x86-64", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_s390.deb", "arch": "s390x", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_mips.deb", "arch": "mips", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_sparc.deb", "arch": "sparc", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner_1.9.0.19-7.dsc", "arch": "src", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_powerpc.deb", "arch": "ppc", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_amd64.deb", "arch": "x86-64", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-7_armel.deb", "arch": "armel", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_sparc.deb", "arch": "sparc", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "python-xpcom_1.9.0.19-7_mipsel.deb", "arch": "mipsel", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9_1.9.0.19-7_powerpc.deb", "arch": "ppc", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_ia64.deb", "arch": "ia64", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_arm.deb", "arch": "arm", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_powerpc.deb", "arch": "ppc", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_ia64.deb", "arch": "ia64", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_sparc.deb", "arch": "sparc", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_arm.deb", "arch": "arm", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_sparc.deb", "arch": "sparc", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-7_alpha.deb", "arch": "alpha", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs-dev_1.9.0.19-7_i386.deb", "arch": "i686", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "xulrunner-dev_1.9.0.19-7_arm.deb", "arch": "arm", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d_1.9.0.19-7_s390.deb", "arch": "s390x", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_powerpc.deb", "arch": "ppc", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "spidermonkey-bin_1.9.0.19-7_alpha.deb", "arch": "alpha", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_alpha.deb", "arch": "alpha", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-7", "packageFilename": "libmozjs1d-dbg_1.9.0.19-7_hppa.deb", "arch": "hppa", "packageName": "libmozjs1d-dbg", "operator": "lt"}], "edition": 1, "description": "Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems:\n\nFor the stable distribution (lenny), these problems have been fixed in version 1.9.0.19-7.\n\nFor the upcoming stable version (squeeze) and the unstable distribution (sid), these problems have been fixed in version 3.5.15-1.\n\nFor the experimental distribution, these problems have been fixed in version 3.6.13-1.\n\nWe recommend that you upgrade your xulrunner packages.", "reporter": "Debian", "published": "2010-12-11T00:00:00", "type": "debian", "title": "xulrunner -- several vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3778", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770"], "modified": "2010-12-11T00:00:00", "id": "DSA-2132", "href": "http://www.debian.org/security/dsa-2132", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T18:20:40", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d-dbg_1.9.0.19-1_armel.deb", "arch": "armel", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d-dbg_1.9.0.19-1_alpha.deb", "arch": "alpha", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "spidermonkey-bin_1.9.0.19-1_powerpc.deb", "arch": "ppc", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9_1.9.0.19-1_amd64.deb", "arch": "x86-64", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d_1.9.0.19-1_arm.deb", "arch": "arm", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-1_powerpc.deb", "arch": "ppc", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9_1.9.0.19-1_ia64.deb", "arch": "ia64", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "spidermonkey-bin_1.9.0.19-1_hppa.deb", "arch": "hppa", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d-dbg_1.9.0.19-1_arm.deb", "arch": "arm", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozillainterfaces-java_1.9.0.19-1_all.deb", "arch": "all", "packageName": "libmozillainterfaces-java", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-1_ia64.deb", "arch": "ia64", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs-dev_1.9.0.19-1_alpha.deb", "arch": "alpha", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9_1.9.0.19-1_sparc.deb", "arch": "sparc", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-dev_1.9.0.19-1_amd64.deb", "arch": "x86-64", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs-dev_1.9.0.19-1_powerpc.deb", "arch": "ppc", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "python-xpcom_1.9.0.19-1_i386.deb", "arch": "i686", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-dev_1.9.0.19-1_hppa.deb", "arch": "hppa", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d_1.9.0.19-1_ia64.deb", "arch": "ia64", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-dev_1.9.0.19-1_powerpc.deb", "arch": "ppc", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-dev_1.9.0.19-1_arm.deb", "arch": "arm", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs-dev_1.9.0.19-1_sparc.deb", "arch": "sparc", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "spidermonkey-bin_1.9.0.19-1_alpha.deb", "arch": "alpha", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-1_powerpc.deb", "arch": "ppc", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-1_arm.deb", "arch": "arm", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-dev_1.9.0.19-1_i386.deb", "arch": "i686", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d_1.9.0.19-1_armel.deb", "arch": "armel", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9_1.9.0.19-1_armel.deb", "arch": "armel", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "python-xpcom_1.9.0.19-1_alpha.deb", "arch": "alpha", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d-dbg_1.9.0.19-1_sparc.deb", "arch": "sparc", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "python-xpcom_1.9.0.19-1_powerpc.deb", "arch": "ppc", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d_1.9.0.19-1_powerpc.deb", "arch": "ppc", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "spidermonkey-bin_1.9.0.19-1_armel.deb", "arch": "armel", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d-dbg_1.9.0.19-1_powerpc.deb", "arch": "ppc", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d_1.9.0.19-1_hppa.deb", "arch": "hppa", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner_1.9.0.19-1.dsc", "arch": "src", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d_1.9.0.19-1_sparc.deb", "arch": "sparc", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "python-xpcom_1.9.0.19-1_hppa.deb", "arch": "hppa", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d_1.9.0.19-1_i386.deb", "arch": "i686", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-1_ia64.deb", "arch": "ia64", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs-dev_1.9.0.19-1_hppa.deb", "arch": "hppa", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-1_i386.deb", "arch": "i686", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "python-xpcom_1.9.0.19-1_armel.deb", "arch": "armel", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "spidermonkey-bin_1.9.0.19-1_arm.deb", "arch": "arm", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "python-xpcom_1.9.0.19-1_ia64.deb", "arch": "ia64", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "python-xpcom_1.9.0.19-1_amd64.deb", "arch": "x86-64", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-1_amd64.deb", "arch": "x86-64", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-1_i386.deb", "arch": "i686", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-1_alpha.deb", "arch": "alpha", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-1_hppa.deb", "arch": "hppa", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs-dev_1.9.0.19-1_ia64.deb", "arch": "ia64", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "python-xpcom_1.9.0.19-1_sparc.deb", "arch": "sparc", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "spidermonkey-bin_1.9.0.19-1_amd64.deb", "arch": "x86-64", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-1_arm.deb", "arch": "arm", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-dev_1.9.0.19-1_sparc.deb", "arch": "sparc", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-dev_1.9.0.19-1_alpha.deb", "arch": "alpha", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9_1.9.0.19-1_arm.deb", "arch": "arm", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-1_sparc.deb", "arch": "sparc", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-1_amd64.deb", "arch": "x86-64", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-1_sparc.deb", "arch": "sparc", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "python-xpcom_1.9.0.19-1_arm.deb", "arch": "arm", "packageName": "python-xpcom", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d_1.9.0.19-1_amd64.deb", "arch": "x86-64", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9_1.9.0.19-1_i386.deb", "arch": "i686", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "spidermonkey-bin_1.9.0.19-1_ia64.deb", "arch": "ia64", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d-dbg_1.9.0.19-1_ia64.deb", "arch": "ia64", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9_1.9.0.19-1_powerpc.deb", "arch": "ppc", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19.orig", "packageFilename": "xulrunner_1.9.0.19.orig.tar.gz", "arch": "src", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-dev_1.9.0.19-1_ia64.deb", "arch": "ia64", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs-dev_1.9.0.19-1_i386.deb", "arch": "i686", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-dbg_1.9.0.19-1_armel.deb", "arch": "armel", "packageName": "xulrunner-1.9-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d_1.9.0.19-1_alpha.deb", "arch": "alpha", "packageName": "libmozjs1d", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "spidermonkey-bin_1.9.0.19-1_i386.deb", "arch": "i686", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d-dbg_1.9.0.19-1_hppa.deb", "arch": "hppa", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-dev_1.9.0.19-1_armel.deb", "arch": "armel", "packageName": "xulrunner-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9_1.9.0.19-1_hppa.deb", "arch": "hppa", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs-dev_1.9.0.19-1_amd64.deb", "arch": "x86-64", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9_1.9.0.19-1_alpha.deb", "arch": "alpha", "packageName": "xulrunner-1.9", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "spidermonkey-bin_1.9.0.19-1_sparc.deb", "arch": "sparc", "packageName": "spidermonkey-bin", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1.diff", "packageFilename": "xulrunner_1.9.0.19-1.diff.gz", "arch": "src", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs-dev_1.9.0.19-1_armel.deb", "arch": "armel", "packageName": "libmozjs-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-1_alpha.deb", "arch": "alpha", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-1_armel.deb", "arch": "armel", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d-dbg_1.9.0.19-1_amd64.deb", "arch": "x86-64", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs1d-dbg_1.9.0.19-1_i386.deb", "arch": "i686", "packageName": "libmozjs1d-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "xulrunner-1.9-gnome-support_1.9.0.19-1_hppa.deb", "arch": "hppa", "packageName": "xulrunner-1.9-gnome-support", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "1.9.0.19-1", "packageFilename": "libmozjs-dev_1.9.0.19-1_arm.deb", "arch": "arm", "packageName": "libmozjs-dev", "operator": "lt"}], "edition": 1, "description": "Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2010-0174](<https://security-tracker.debian.org/tracker/CVE-2010-0174>)\n\nJesse Ruderman and Ehsan Akhgari discovered crashes in the layout engine, which might allow the execution of arbitrary code.\n\n * [CVE-2010-0175](<https://security-tracker.debian.org/tracker/CVE-2010-0175>)\n\nIt was discovered that incorrect memory handling in the XUL event handler might allow the execution of arbitrary code.\n\n * [CVE-2010-0176](<https://security-tracker.debian.org/tracker/CVE-2010-0176>)\n\nIt was discovered that incorrect memory handling in the XUL event handler might allow the execution of arbitrary code.\n\n * [CVE-2010-0177](<https://security-tracker.debian.org/tracker/CVE-2010-0177>)\n\nIt was discovered that incorrect memory handling in the plugin code might allow the execution of arbitrary code.\n\n * [CVE-2010-0178](<https://security-tracker.debian.org/tracker/CVE-2010-0178>)\n\nPaul Stone discovered that forced drag-and-drop events could lead to Chrome privilege escalation.\n\n * [CVE-2010-0179](<https://security-tracker.debian.org/tracker/CVE-2010-0179>)\n\nIt was discovered that a programming error in the XMLHttpRequestSpy module could lead to the execution of arbitrary code.\n\nFor the stable distribution (lenny), these problems have been fixed in version 1.9.0.19-1.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your xulrunner packages.", "reporter": "Debian", "published": "2010-04-03T00:00:00", "type": "debian", "title": "xulrunner -- several vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2010-0176", "CVE-2010-0174", "CVE-2010-0175", "CVE-2010-0178", "CVE-2010-0177", "CVE-2010-0179"], "modified": "2010-04-03T00:00:00", "id": "DSA-2027", "href": "http://www.debian.org/security/dsa-2027", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.securityfocus.com/bid/45326", "http://www.mozilla.org/security/announce/2010/mfsa2010-80.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=590771", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://www.zerodayinitiative.com/advisories/ZDI-10-264/", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3766", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12649", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12649"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3766"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12649", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12649"}], "modified": "2017-09-18T21:31:32", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3766", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3766", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "https://bugzilla.mozilla.org/show_bug.cgi?id=609437", "http://www.mozilla.org/security/announce/2010/mfsa2010-76.html", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.debian.org/security/2010/dsa-2132", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://www.securityfocus.com/bid/45346", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3771", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12343", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12343"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3771"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12343", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12343"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3771", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3771", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=611897", "http://www.debian.org/security/2010/dsa-2132", "https://bugzilla.mozilla.org/show_bug.cgi?id=589041", "https://bugzilla.mozilla.org/show_bug.cgi?id=610525", "http://www.mozilla.org/security/announce/2010/mfsa2010-79.html", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://www.securityfocus.com/bid/45355", "http://www.redhat.com/support/errata/RHSA-2010-0967.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary local files, and establish network connections via vectors involving a refresh value in the http-equiv attribute of a META element, which causes the wrong security principal to be used.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3775", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11666", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11666"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3775"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11666", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11666"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3775", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3775", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://support.avaya.com/css/P8/documents/100124650", "http://www.mozilla.org/security/announce/2010/mfsa2010-83.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=602780", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.securitytracker.com/id?1024850", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remote attackers to spoof the location bar via a crafted web site.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3774", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 4.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12512", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12512"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3774"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12512", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12512"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3774", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3774", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "https://bugzilla.mozilla.org/show_bug.cgi?id=527276", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html", "http://www.securitytracker.com/id?1024846", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.redhat.com/support/errata/RHSA-2010-0969.html", "http://www.securityfocus.com/bid/45352", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html", "https://bugzilla.redhat.com/show_bug.cgi?id=660420", "http://support.avaya.com/css/P8/documents/100124650", "http://www.ubuntu.com/usn/USN-1020-1", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:258", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251", "http://www.mozilla.org/security/announce/2010/mfsa2010-78.html"], "description": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3768", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12533", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12533"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3768"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12533", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12533"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3768", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3768", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "http://www.redhat.com/support/errata/RHSA-2010-0968.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=594547", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.debian.org/security/2010/dsa-2132", "http://www.mozilla.org/security/announce/2010/mfsa2010-77.html", "http://www.securityfocus.com/bid/45351", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://www.redhat.com/support/errata/RHSA-2010-0967.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3772", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12324", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12324"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3772"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12324", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12324"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3772", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3772", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html", "http://www.securitytracker.com/id?1024846", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.redhat.com/support/errata/RHSA-2010-0969.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=599607", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html", "http://support.avaya.com/css/P8/documents/100124650", "http://www.ubuntu.com/usn/USN-1020-1", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:258", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-74.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://www.securityfocus.com/bid/45348", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3777", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12468", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12468"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3777"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12468", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12468"}], "modified": "2017-09-18T21:31:34", "cpe": ["cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:3.6.1", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:firefox:3.6.6"], "id": "CVE-2010-3777", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3777", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "https://bugzilla.mozilla.org/show_bug.cgi?id=599468", "http://www.redhat.com/support/errata/RHSA-2010-0968.html", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.debian.org/security/2010/dsa-2132", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://www.redhat.com/support/errata/RHSA-2010-0967.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-81.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3767", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12610", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12610"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3767"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12610", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12610"}], "modified": "2017-09-18T21:31:32", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3767", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3767", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securityfocus.com/bid/45354", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "http://www.debian.org/security/2010/dsa-2132", "http://www.mozilla.org/security/announce/2010/mfsa2010-82.html", "http://support.avaya.com/css/P8/documents/100124650", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.ubuntu.com/usn/USN-1019-1", "https://bugzilla.mozilla.org/show_bug.cgi?id=554449", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0179.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3773", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11960", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11960"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3773"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11960", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11960"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3773", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3773", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:37:07", "references": ["http://www.securitytracker.com/id?1024848", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052110.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=569162", "http://www.securitytracker.com/id?1024846", "https://bugzilla.mozilla.org/show_bug.cgi?id=605307", "https://bugzilla.mozilla.org/show_bug.cgi?id=468563", "http://www.redhat.com/support/errata/RHSA-2010-0968.html", "http://www.redhat.com/support/errata/RHSA-2010-0966.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=571995", "http://www.redhat.com/support/errata/RHSA-2010-0969.html", "http://www.debian.org/security/2010/dsa-2132", "https://bugzilla.mozilla.org/show_bug.cgi?id=599166", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052220.html", "http://support.avaya.com/css/P8/documents/100124650", "http://www.ubuntu.com/usn/USN-1020-1", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:258", "http://www.securityfocus.com/bid/45347", "http://www.vupen.com/english/advisories/2011/0030", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-74.html", "http://www.ubuntu.com/usn/USN-1019-1", "http://www.redhat.com/support/errata/RHSA-2010-0967.html", "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=601699", "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=604843", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"], "description": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "edition": 2, "reporter": "NVD", "published": "2010-12-10T14:00:02", "title": "CVE-2010-3776", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:37:07", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12389", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12389"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2010-3776"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:12389", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12389"}], "modified": "2017-09-18T21:31:33", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-3776", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3776", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:37:04", "references": [], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.6.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome-x86", "packageFilename": "mozilla-xulrunner192-gnome-x86-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.6.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.5.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-translations-common", "packageFilename": "seamonkey-translations-common-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-debuginfo", "packageFilename": "mozilla-xulrunner191-debuginfo-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.6.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.5.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.5.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.5.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.0.1-6.6.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-6.6.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.1.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.0.1-4.5.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-4.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common-32bit", "packageFilename": "mozilla-xulrunner192-translations-common-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.0.1-4.5.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-4.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-translations-other", "packageFilename": "seamonkey-translations-other-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192-32bit", "packageFilename": "mozilla-js192-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other-32bit", "packageFilename": "mozilla-xulrunner192-translations-other-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-debuginfo", "packageFilename": "mozilla-xulrunner191-debuginfo-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.1.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.6.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.6.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-3.5.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192-32bit", "packageFilename": "mozilla-js192-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-debuginfo", "packageFilename": "mozilla-xulrunner191-debuginfo-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.6.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-translations-other", "packageFilename": "seamonkey-translations-other-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.6.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.0.1-3.5.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-3.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations-32bit", "packageFilename": "mozilla-xulrunner192-translations-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-x86", "packageFilename": "mozilla-xulrunner191-gnomevfs-x86-1.9.1.16-0.1.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-3.5.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations-32bit", "packageFilename": "mozilla-xulrunner192-translations-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-3.5.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.0.1-6.6.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-6.6.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-other-32bit", "packageFilename": "mozilla-xulrunner192-translations-other-32bit-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-x86", "packageFilename": "mozilla-xulrunner191-translations-x86-1.9.1.16-0.1.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-x86", "packageFilename": "mozilla-xulrunner192-x86-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common-32bit", "packageFilename": "mozilla-xulrunner192-translations-common-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-32bit", "packageFilename": "mozilla-xulrunner191-translations-32bit-1.9.1.16-0.1.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.5.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.6.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.5.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.5.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.0.1-3.5.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-3.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-common", "packageFilename": "mozilla-xulrunner192-translations-common-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-translations-common", "packageFilename": "seamonkey-translations-common-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.5.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations-x86", "packageFilename": "mozilla-xulrunner192-translations-x86-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome-32bit", "packageFilename": "mozilla-xulrunner192-gnome-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.1.16-0.2.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.5.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-translations-common-32bit", "packageFilename": "mozilla-xulrunner192-translations-common-32bit-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-common", "packageFilename": "mozilla-xulrunner191-translations-common-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations-32bit", "packageFilename": "mozilla-xulrunner192-translations-32bit-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations-32bit", "packageFilename": "mozilla-xulrunner192-translations-32bit-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-buildsymbols", "packageFilename": "mozilla-xulrunner192-buildsymbols-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.6.13-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-js192-32bit", "packageFilename": "mozilla-js192-32bit-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-debuginfo", "packageFilename": "mozilla-xulrunner191-debuginfo-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-translations-other", "packageFilename": "mozilla-xulrunner191-translations-other-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "3.6.13-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.6.13-0.7.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-32bit", "packageFilename": "mozilla-xulrunner192-32bit-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.6.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-js192", "packageFilename": "mozilla-js192-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other-32bit", "packageFilename": "mozilla-xulrunner192-translations-other-32bit-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.6.13-0.2.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-3.6.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-translations", "packageFilename": "mozilla-xulrunner191-translations-1.9.1.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-3.0.11-0.6.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-debuginfo", "packageFilename": "mozilla-xulrunner191-debuginfo-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.0.11-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.6.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.5.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-3.6.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-3.5.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.4.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-1.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-devel", "packageFilename": "mozilla-xulrunner192-devel-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.0.11-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191", "packageFilename": "mozilla-xulrunner191-1.9.1.16-0.4.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "2.0.11-0.2.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.0.11-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192", "packageFilename": "mozilla-xulrunner192-1.9.2.13-1.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.5.16-0.4.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "1.9.2.13-0.2.1", "packageName": "mozilla-xulrunner192-translations-other", "packageFilename": "mozilla-xulrunner192-translations-other-1.9.2.13-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.2.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-devel", "packageFilename": "mozilla-xulrunner191-devel-1.9.1.16-0.1.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.0.1-6.6.1", "packageName": "enigmail", "packageFilename": "enigmail-1.0.1-6.6.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.4.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.3", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "1.9.1.16-0.2.1", "packageName": "python-xpcom191", "packageFilename": "python-xpcom191-1.9.1.16-0.2.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.0.11-0.6.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-3.0.11-0.6.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "3.6.13-0.1.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-3.6.13-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.2", "packageVersion": "3.0.11-0.5.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-3.0.11-0.5.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-3.5.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs-32bit", "packageFilename": "mozilla-xulrunner191-gnomevfs-32bit-1.9.1.16-0.1.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-translations", "packageFilename": "mozilla-xulrunner192-translations-1.9.2.13-1.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "3.5.16-0.4.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-3.5.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "2.0.11-0.1.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.0.11-0.1.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.3", "packageVersion": "1.9.1.16-0.4.1", "packageName": "mozilla-xulrunner191-32bit", "packageFilename": "mozilla-xulrunner191-32bit-1.9.1.16-0.4.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.2.13-0.1.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-0.1.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.1", "packageVersion": "1.9.1.16-0.1.1", "packageName": "mozilla-xulrunner191-gnomevfs", "packageFilename": "mozilla-xulrunner191-gnomevfs-1.9.1.16-0.1.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.1", "packageVersion": "1.9.2.13-1.7.1", "packageName": "mozilla-xulrunner192-gnome", "packageFilename": "mozilla-xulrunner192-gnome-1.9.2.13-1.7.1.ppc64.rpm", "arch": "ppc64", "operator": "lt"}], "description": "Mozilla Firefox was updated to update 3.6.13 to fix several security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "reporter": "Suse", "published": "2011-01-05T11:25:44", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "suse", "title": "remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3772", "CVE-2010-3777", "CVE-2010-3778", "CVE-2010-3774", "CVE-2010-3769", "CVE-2010-3773", "CVE-2010-3768", "CVE-2010-3776", "CVE-2010-3775", "CVE-2010-3767", "CVE-2010-3771", "CVE-2010-3770", "CVE-2010-0179", "CVE-2010-3766"], "modified": "2011-01-05T11:25:44", "id": "SUSE-SA:2011:003", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:38", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=504021", "https://bugzilla.mozilla.org/show_bug.cgi?id=554449"], "edition": 1, "description": "Mozilla security researcher moz_bug_r_a4 reported\nthat the fix\nfor CVE-2010-0179\ncould be circumvented permitting the execution of arbitrary JavaScript\nwith chrome privileges.", "reporter": "Mozilla Foundation", "published": "2010-12-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "mozilla", "title": "Incomplete fix for CVE-2010-0179", "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "3.6.13", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.0.11", "operator": "lt"}, {"name": "Firefox", "version": "3.5.16", "operator": "lt"}], "cvelist": [], "modified": "2010-12-09T00:00:00", "id": "MFSA2010-82", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2010-82/", "cvss": {"score": 0.0, "vector": "NONE"}}], "zdi": [{"lastseen": "2016-11-09T00:17:57", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-80.html"], "edition": 2, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the application's support of the NodeIterator API used for element traversal. Due to a particular element not implementing functionality required by the API, a use-after free vulnerability can be forced to occur. This can be used to achieve code execution under the context of the application.", "reporter": "regenrecht", "published": "2010-12-09T00:00:00", "title": "Mozilla Firefox nsDOMAttribute MutationObserver Remote Code Execution Vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "zdi", "bulletinFamily": "info", "cvelist": ["CVE-2010-3766"], "modified": "2010-11-09T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-10-264", "id": "ZDI-10-264", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-11-09T00:18:00", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-81.html"], "edition": 2, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within Firefox's management of the JSSLOT_ARRAY_COUNT annotation. This value represents the number of items filled within a given Array object. If an attacker creates an array to a high enough value, an initialization routine can be made to mis-allocate a buffer. This can be abused by an attacker to corrupt memory and subsequently execute arbitrary code under the context of the user running the browser.", "reporter": "regenrecht", "published": "2010-12-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "Mozilla Firefox NewIdArray Integer Overflow Remote Code Execution Vulnerability", "type": "zdi", "bulletinFamily": "info", "cvelist": ["CVE-2010-3767"], "modified": "2010-11-09T00:00:00", "href": "http://www.zerodayinitiative.com/advisories/ZDI-10-265", "id": "ZDI-10-265", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-02-04T00:36:15", "osvdbidlist": ["69772"], "references": [], "description": "Mozilla Firefox/Thunderbird/SeaMonkey Multiple HTML Injection Vulnerabilities. CVE-2010-3770. Remote exploit for linux platform", "edition": 1, "reporter": "Yosuke Hasegawa", "published": "2010-12-09T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "exploitdb", "title": "Mozilla Firefox/Thunderbird/SeaMonkey Multiple HTML Injection Vulnerabilities", "bulletinFamily": "exploit", "cvelist": ["CVE-2010-3770"], "modified": "2010-12-09T00:00:00", "id": "EDB-ID:35095", "href": "https://www.exploit-db.com/exploits/35095/", "sourceData": "source: http://www.securityfocus.com/bid/45353/info\r\n\r\nMozilla Firefox, SeaMonkey, and Thunderbird are prone to multiple HTML-injection vulnerabilities.\r\n\r\nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.\r\n\r\nThis issue is fixed in:\r\n\r\nFirefox 3.6.13\r\nFirefox 3.5.16\r\nSeaMonkey 2.0.11\r\n\r\nx-mac-farsi exploit: <meta charset=\"x-mac-farsi\">?script ?alert(1)//?/script ?", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/35095/"}], "seebug": [{"lastseen": "2017-11-19T18:05:43", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "CVE:CVE-2010-3775\r\nBugtraq ID:45355 \r\n\r\nMozilla Firefox and SeaMonkey are prone to a security-bypass vulnerability.\r\n\r\nAttackers can exploit this issue to bypass security restrictions and obtain elevated privileges such as the abilities to read local files, launch processes, and create network connections.\r\n\r\nThis issue is fixed in:\r\n\r\nFirefox 3.6.13\r\nFirefox 3.5.16\r\nSeaMonkey 2.0.11\r\n\r\nNOTE: This issue was previously covered in BID 45322 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-74 -82, 84 Multiple Vulnerabilities), but has been assigned its own record to better document it. \n\nUbuntu Ubuntu Linux 9.10 sparc\r\nUbuntu Ubuntu Linux 9.10 powerpc\r\nUbuntu Ubuntu Linux 9.10 lpia\r\nUbuntu Ubuntu Linux 9.10 i386\r\nUbuntu Ubuntu Linux 9.10 ARM\r\nUbuntu Ubuntu Linux 9.10 amd64\r\nUbuntu Ubuntu Linux 8.04 LTS sparc\r\nUbuntu Ubuntu Linux 8.04 LTS powerpc\r\nUbuntu Ubuntu Linux 8.04 LTS lpia\r\nUbuntu Ubuntu Linux 8.04 LTS i386\r\nUbuntu Ubuntu Linux 8.04 LTS amd64\r\nUbuntu Ubuntu Linux 10.10 powerpc\r\nUbuntu Ubuntu Linux 10.10 i386\r\nUbuntu Ubuntu Linux 10.10 ARM\r\nUbuntu Ubuntu Linux 10.10 amd64\r\nUbuntu Ubuntu Linux 10.04 sparc\r\nUbuntu Ubuntu Linux 10.04 powerpc\r\nUbuntu Ubuntu Linux 10.04 i386\r\nUbuntu Ubuntu Linux 10.04 ARM\r\nUbuntu Ubuntu Linux 10.04 amd64\r\nSuSE SUSE Linux Enterprise Server 11 SP1\r\nSuSE SUSE Linux Enterprise Server 10 SP3\r\nSuSE SUSE Linux Enterprise SDK 11 SP1\r\nSuSE SUSE Linux Enterprise SDK 10 SP3\r\nSuSE SUSE Linux Enterprise Desktop 11 SP1\r\n+ Linux kernel 2.6.5\r\nSuSE SUSE Linux Enterprise Desktop 10 SP3\r\nSuSE openSUSE 11.3\r\nSlackware Linux x86_64 -current\r\nSlackware Linux 13.1 x86_64\r\nSlackware Linux 13.1\r\nSlackware Linux 13.0 x86_64\r\nSlackware Linux 13.0\r\nSlackware Linux -current\r\nS.u.S.E. openSUSE 11.2\r\nS.u.S.E. openSUSE 11.1\r\nRedHat Enterprise Linux WS 4\r\nRedHat Enterprise Linux ES 4\r\nRedHat Enterprise Linux Desktop Workstation 5 client\r\nRedHat Enterprise Linux AS 4\r\nRedHat Enterprise Linux Desktop version 4\r\nRedHat Enterprise Linux 5 server\r\nRed Hat Fedora 14\r\nRed Hat Fedora 13\r\nRed Hat Enterprise Linux Workstation Optional 6\r\nRed Hat Enterprise Linux Workstation 6\r\nRed Hat Enterprise Linux Server Optional 6\r\nRed Hat Enterprise Linux Server 6\r\nRed Hat Enterprise Linux HPC Node Optional 6\r\nRed Hat Enterprise Linux Desktop Optional 6\r\nRed Hat Enterprise Linux Desktop 6\r\nRed Hat Enterprise Linux Desktop 5 client\r\nMozilla SeaMonkey 2.0.9\r\nMozilla SeaMonkey 2.0.8\r\nMozilla SeaMonkey 2.0.5\r\nMozilla SeaMonkey 2.0.4\r\nMozilla SeaMonkey 2.0.3\r\nMozilla SeaMonkey 2.0.2\r\nMozilla SeaMonkey 2.0.1\r\nMozilla SeaMonkey 2.0.9\r\nMozilla SeaMonkey 2.0.7\r\nMozilla SeaMonkey 2.0.6\r\nMozilla SeaMonkey 2.0.5\r\nMozilla SeaMonkey 2.0.4\r\nMozilla SeaMonkey 2.0.10\r\nMozilla SeaMonkey 2.0 Rc2\r\nMozilla SeaMonkey 2.0 Rc1\r\nMozilla SeaMonkey 2.0 Beta 2\r\nMozilla SeaMonkey 2.0 Beta 1\r\nMozilla SeaMonkey 2.0 Alpha 3\r\nMozilla SeaMonkey 2.0 Alpha 2\r\nMozilla SeaMonkey 2.0 Alpha 1\r\nMozilla SeaMonkey 2.0\r\nMozilla Firefox 3.6.10\r\nMozilla Firefox 3.6.9\r\nMozilla Firefox 3.6.8\r\nMozilla Firefox 3.6.6\r\nMozilla Firefox 3.6.4\r\nMozilla Firefox 3.6.3\r\nMozilla Firefox 3.6.2\r\nMozilla Firefox 3.6.2\r\nMozilla Firefox 3.5.17\r\nMozilla Firefox 3.5.14\r\nMozilla Firefox 3.5.13\r\nMozilla Firefox 3.5.10\r\nMozilla Firefox 3.5.10\r\nMozilla Firefox 3.5.9\r\nMozilla Firefox 3.5.9\r\nMozilla Firefox 3.5.8\r\nMozilla Firefox 3.5.7\r\nMozilla Firefox 3.5.6\r\nMozilla Firefox 3.5.5\r\nMozilla Firefox 3.5.4\r\nMozilla Firefox 3.5.3\r\nMozilla Firefox 3.5.2\r\nMozilla Firefox 3.5.1\r\nMozilla Firefox 3.5\r\nMozilla Firefox 3.6.7\r\nMozilla Firefox 3.6.6\r\nMozilla Firefox 3.6.12\r\nMozilla Firefox 3.6.11\r\nMozilla Firefox 3.6 Beta 3\r\nMozilla Firefox 3.6 Beta 2\r\nMozilla Firefox 3.6\r\nMozilla Firefox 3.5.15\r\nMozilla Firefox 3.5.12\r\nMozilla Firefox 3.5.11\r\nMandrakeSoft Linux Mandrake 2010.1 x86_64\r\nMandrakeSoft Linux Mandrake 2010.1\r\nMandrakeSoft Linux Mandrake 2010.0 x86_64\r\nMandrakeSoft Linux Mandrake 2010.0\r\nMandrakeSoft Linux Mandrake 2009.0 x86_64\r\nMandrakeSoft Linux Mandrake 2009.0\r\nMandrakeSoft Enterprise Server 5 x86_64\r\nMandrakeSoft Enterprise Server 5\r\nAvaya Messaging Storage Server MSS 5.1\r\nAvaya Messaging Storage Server MSS 4.1\r\nAvaya Messaging Storage Server 5.2.8\r\nAvaya Messaging Storage Server 5.2.2\r\nAvaya Messaging Storage Server 5.2 SP3\r\nAvaya Messaging Storage Server 5.2 SP2\r\nAvaya Messaging Storage Server 5.2 SP1\r\nAvaya Messaging Storage Server 5.2\r\nAvaya Messaging Storage Server 5.1 SP2\r\nAvaya Messaging Storage Server 5.1 SP1\r\nAvaya Messaging Storage Server 5.1\r\nAvaya Messaging Storage Server 5.0\r\nAvaya Messaging Storage Server 4.0\r\nAvaya Message Networking 5.2.1\r\nAvaya Message Networking MN 3.1\r\nAvaya Message Networking 5.2.2\r\nAvaya Message Networking 5.2 SP1\r\nAvaya Message Networking 5.2\r\nAvaya Message Networking 3.1\r\nAvaya IQ 4.1\r\nAvaya IQ 5.1\r\nAvaya IQ 5\r\nAvaya IQ 4.2\r\nAvaya IQ 4.0\r\nAvaya Intuity AUDIX LX 2.0 SP2\r\nAvaya Intuity AUDIX LX 2.0 SP1\r\nAvaya Intuity AUDIX LX 2.0\r\nAvaya Communication Server 1000M Signaling Server 7.5\r\nAvaya Communication Server 1000M Signaling Server 7.0\r\nAvaya Communication Server 1000M 7.5\r\nAvaya Communication Server 1000M 7.0\r\nAvaya Communication Server 1000E Signaling Server 7.5\r\nAvaya Communication Server 1000E Signaling Server 7.0\r\nAvaya Communication Server 1000E 7.5\r\nAvaya Communication Server 1000E 7.0\r\nAvaya Aura System Manager 6.1.1\r\nAvaya Aura System Manager 6.1\r\nAvaya Aura System Manager 6.0 SP1\r\nAvaya Aura System Manager 6.0\r\nAvaya Aura System Manager 5.2\r\nAvaya Aura Session Manager 6.1.2\r\nAvaya Aura Session Manager 6.1.1\r\nAvaya Aura Session Manager 6.1\r\nAvaya Aura Session Manager 6.0 SP1\r\nAvaya Aura Session Manager 6.0\r\nAvaya Aura Session Manager 5.2 SP2\r\nAvaya Aura Session Manager 5.2 SP1\r\nAvaya Aura Session Manager 5.2\r\nAvaya Aura Session Manager 1.1\r\nAvaya Aura Presence Services 6.1\r\nAvaya Aura Presence Services 6.0\nhttp://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser -3.0-branding_3.6.13+build3+nobinonly-0ubuntu0.9.10.1_all.deb\r\nhttp://www.securityfocus.com/bid/45355/solution", "reporter": "Root", "published": "2011-08-01T00:00:00", "title": "Mozilla Firefox and SeaMonkey Java LiveConnect Script Security Bypass Vulnerability", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2010-3775"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2011-08-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20801", "id": "SSV:20801", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "", "status": "details"}]}