Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20121009)
2012-10-11T00:00:00
ID: SL_20121009_FIREFOX_ON_SL5_X.NASL
Type: nessus
Reporter: This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified: 2012-10-11T00:00:00
Description
Mozilla Firefox is an open source web browser. XULRunner provides the
XUL Runtime environment for Mozilla Firefox.

Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990,
CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181,
CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,
CVE-2012-4187, CVE-2012-4188)

Two flaws in Firefox could allow a malicious website to bypass
intended restrictions, possibly leading to information disclosure, or
Firefox executing arbitrary code. Note that the information disclosure
issue could possibly be combined with other flaws to achieve arbitrary
code execution. (CVE-2012-3986, CVE-2012-3991)

Multiple flaws were found in the location object implementation in
Firefox. Malicious content could be used to perform cross-site
scripting attacks, script injection, or spoofing attacks.
(CVE-2012-1956, CVE-2012-3992, CVE-2012-3994)

Two flaws were found in the way Chrome Object Wrappers were
implemented. Malicious content could be used to perform cross-site
scripting attacks or cause Firefox to execute arbitrary code.
(CVE-2012-3993, CVE-2012-4184)

For technical details regarding these flaws, refer to the Mozilla
security advisories for Firefox 10.0.8 ESR.

This update also fixes the following bug:

- In certain environments, storing personal Firefox
  configuration files (~/.mozilla/) on an NFS share, such
  as when your home directory is on an NFS share, led to
  Firefox functioning incorrectly, for example, navigation
  buttons not working as expected, and bookmarks not
  saving. This update adds a new configuration option,
  storage.nfs_filesystem, that can be used to resolve this
  issue.

If you experience this issue:

1) Start Firefox.
2) Type 'about:config' (without quotes) into the URL bar and press the
   Enter key.
3) If prompted with 'This might void your warranty!', click the 'I'll
   be careful, I promise!' button.
4) Right-click in the Preference Name list. In the menu that opens,
   select New -> Boolean.
5) Type 'storage.nfs_filesystem' (without quotes) for the preference
   name and then click the OK button.
6) Select 'true' for the boolean value and then press the OK button.

After installing the update, Firefox must be restarted for the changes
to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(62492);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2012-1956", "CVE-2012-3982", "CVE-2012-3986", "CVE-2012-3988", "CVE-2012-3990", "CVE-2012-3991", "CVE-2012-3992", "CVE-2012-3993", "CVE-2012-3994", "CVE-2012-3995", "CVE-2012-4179", "CVE-2012-4180", "CVE-2012-4181", "CVE-2012-4182", "CVE-2012-4183", "CVE-2012-4184", "CVE-2012-4185", "CVE-2012-4186", "CVE-2012-4187", "CVE-2012-4188");

  script_name(english:"Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20121009)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Mozilla Firefox is an open source web browser. XULRunner provides the
XUL Runtime environment for Mozilla Firefox.
Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990,
CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181,
CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,
CVE-2012-4187, CVE-2012-4188)
Two flaws in Firefox could allow a malicious website to bypass
intended restrictions, possibly leading to information disclosure, or
Firefox executing arbitrary code. Note that the information disclosure
issue could possibly be combined with other flaws to achieve arbitrary
code execution. (CVE-2012-3986, CVE-2012-3991)
Multiple flaws were found in the location object implementation in
Firefox. Malicious content could be used to perform cross-site
scripting attacks, script injection, or spoofing attacks.
(CVE-2012-1956, CVE-2012-3992, CVE-2012-3994)
Two flaws were found in the way Chrome Object Wrappers were
implemented. Malicious content could be used to perform cross-site
scripting attacks or cause Firefox to execute arbitrary code.
(CVE-2012-3993, CVE-2012-4184)
For technical details regarding these flaws, refer to the Mozilla
security advisories for Firefox 10.0.8 ESR.
This update also fixes the following bug :
- In certain environments, storing personal Firefox
configuration files (~/.mozilla/) on an NFS share, such
as when your home directory is on a NFS share, led to
Firefox functioning incorrectly, for example, navigation
buttons not working as expected, and bookmarks not
saving. This update adds a new configuration option,
storage.nfs_filesystem, that can be used to resolve this
issue.
If you experience this issue :
1) Start Firefox.
2) Type 'about:config' (without quotes) into the URL bar and press the
Enter key.
3) If prompted with 'This might void your warranty!', click the 'I'll
be careful, I promise!' button.
4) Right-click in the Preference Name list. In the menu that opens,
select New -> Boolean.
5) Type 'storage.nfs_filesystem' (without quotes) for the preference
name and then click the OK button.
6) Select 'true' for the boolean value and then press the OK button.
After installing the update, Firefox must be restarted for the changes
to take effect."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1210&L=scientific-linux-errata&T=0&P=1368
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?14219b9c"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"Update the affected firefox, xulrunner and / or xulrunner-devel
packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:firefox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xulrunner");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xulrunner-devel");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/08/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/10/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/10/11");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

# Bail out unless local (credentialed) checks are enabled and the host
# identifies itself as Scientific Linux.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
# Note: this gate admits only 6.x releases, so an SL5 host audits out here
# and the SL5 rpm_check() calls below are not reached.
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Only i386-family and x86_64 hosts are covered by this check.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);

# Compare the installed packages against the fixed versions; each
# rpm_check() hit increments flag.
flag = 0;
if (rpm_check(release:"SL5", reference:"firefox-10.0.8-1.el5_8")) flag++;
if (rpm_check(release:"SL5", reference:"xulrunner-10.0.8-1.el5_8")) flag++;
if (rpm_check(release:"SL5", reference:"xulrunner-devel-10.0.8-1.el5_8")) flag++;

if (rpm_check(release:"SL6", reference:"firefox-10.0.8-1.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"xulrunner-10.0.8-1.el6_3")) flag++;
if (rpm_check(release:"SL6", reference:"xulrunner-devel-10.0.8-1.el6_3")) flag++;

if (flag)
{
  security_report_v4(
    port     : 0,
    severity : SECURITY_HOLE,
    extra    : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox / xulrunner / xulrunner-devel");
}
In the menu that opens, select\nNew -> Boolean.\n\n5) Type \"storage.nfs_filesystem\" (without quotes) for the preference name\nand then click the OK button.\n\n6) Select \"true\" for the boolean value and then press the OK button.\n(BZ#809571, BZ#816234)\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 10.0.8 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030966.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030968.html\n\n**Affected packages:**\nfirefox\nxulrunner\nxulrunner-devel\n\n**Upstream details at:**\n\nhttps://rhn.redhat.com/errata/RHSA-2012-1350.html", "edition": 4, "modified": "2012-10-10T19:04:28", "published": "2012-10-10T13:52:09", "href": "http://lists.centos.org/pipermail/centos-announce/2012-October/030966.html", "id": "CESA-2012:1350", "title": "firefox, xulrunner security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2020-08-14T13:34:56", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "firefox\n[10.0.8-1.0.2.el6_3]\n- Updated firefox-oracle-default-prefs.js based on latest firefox-redhat-default-prefs.js\n[10.0.8-1.0.1.el6_3]\n- Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js\n[10.0.8-1]\n- Update to 10.0.8 ESR\nxulrunner\n[10.0.8-1.0.1.el6_3]\n- Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js\n[10.0.8-1]\n- Update 
to 10.0.8 ESR", "edition": 5, "modified": "2012-10-10T00:00:00", "published": "2012-10-10T00:00:00", "id": "ELSA-2012-1350", "href": "http://linux.oracle.com/errata/ELSA-2012-1350.html", "title": "firefox security and bug fix update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-10-22T17:05:13", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "[10.0.8-1.0.1.el6_3]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n- Replace clean.gif in tarball\n[10.0.8-1]\n- Update to 10.0.8 ESR", "edition": 6, "modified": "2012-10-10T00:00:00", "published": "2012-10-10T00:00:00", "id": "ELSA-2012-1351", "href": "http://linux.oracle.com/errata/ELSA-2012-1351.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-08-14T16:23:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-10-11T00:00:00", "id": "OPENVAS:1361412562310881514", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881514", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2012:1351 centos5", 
"sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2012:1351 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-October/018929.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881514\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-11 10:03:01 +0530 (Thu, 11 Oct 2012)\");\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\",\n \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\",\n \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\",\n \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\",\n \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", 
value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:1351\");\n script_name(\"CentOS Update for thunderbird CESA-2012:1351 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the processing of malformed content. Malicious\n content could cause Thunderbird to crash or, potentially, execute arbitrary\n code with the privileges of the user running Thunderbird. (CVE-2012-3982,\n CVE-2012-3988, CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180,\n CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\n CVE-2012-4187, CVE-2012-4188)\n\n Two flaws in Thunderbird could allow malicious content to bypass intended\n restrictions, possibly leading to information disclosure, or Thunderbird\n executing arbitrary code. Note that the information disclosure issue could\n possibly be combined with other flaws to achieve arbitrary code execution.\n (CVE-2012-3986, CVE-2012-3991)\n\n Multiple flaws were found in the location object implementation in\n Thunderbird. Malicious content could be used to perform cross-site\n scripting attacks, script injection, or spoofing attacks. 
(CVE-2012-1956,\n CVE-2012-3992, CVE-2012-3994)\n\n Two flaws were found in the way Chrome Object Wrappers were implemented.\n Malicious content could be used to perform cross-site scripting attacks or\n cause Thunderbird to execute arbitrary code. (CVE-2012-3993, CVE-2012-4184)\n\n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Christian Holler, Jesse Ruderman, Soroush Dalili,\n miaubiz, Abhishek Arya, Atte Kettunen, Johnny Stenback, Alice White,\n moz_bug_r_a4, and Mariusz Mlynski as the original reporters of these\n issues.\n\n Note: None of the issues in this advisory can be exploited by a\n specially-crafted HTML mail message as JavaScript is disabled by default\n for mail messages. They could be exploited another way in Thunderbird, for\n example, when viewing the full remote content of an RSS feed.\n\n All Thunderbird users should upgrade to this updated package, which\n contains Thunderbird version 10.0.8 ESR, which corrects these issues. 
After\n installing the update, Thunderbird must be restarted for the changes to\n take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-11T11:05:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "Check for the Version of firefox", "modified": "2018-01-10T00:00:00", "published": "2012-10-11T00:00:00", "id": "OPENVAS:881512", "href": "http://plugins.openvas.org/nasl.php?oid=881512", "type": "openvas", "title": "CentOS Update for firefox CESA-2012:1350 centos5 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2012:1350 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY 
WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990, CVE-2012-3995,\n CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183,\n CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188)\n \n Two flaws in Firefox could allow a malicious website to bypass intended\n restrictions, possibly leading to information disclosure, or Firefox\n executing arbitrary code. Note that the information disclosure issue could\n possibly be combined with other flaws to achieve arbitrary code execution.\n (CVE-2012-3986, CVE-2012-3991)\n \n Multiple flaws were found in the location object implementation in Firefox.\n Malicious content could be used to perform cross-site scripting attacks,\n script injection, or spoofing attacks. (CVE-2012-1956, CVE-2012-3992,\n CVE-2012-3994)\n \n Two flaws were found in the way Chrome Object Wrappers were implemented.\n Malicious content could be used to perform cross-site scripting attacks or\n cause Firefox to execute arbitrary code. (CVE-2012-3993, CVE-2012-4184)\n \n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 10.0.8 ESR. 
You can find a link to the Mozilla\n advisories in the References section of this erratum.\n \n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Christian Holler, Jesse Ruderman, Soroush Dalili,\n miaubiz, Abhishek Arya, Atte Kettunen, Johnny Stenback, Alice White,\n moz_bug_r_a4, and Mariusz Mlynski as the original reporters of these\n issues.\n \n This update also fixes the following bug:\n \n * In certain environments, storing personal Firefox configuration files\n (~/.mozilla/) on an NFS share, such as when your home directory is on a\n NFS share, led to Firefox functioning incorrectly, for example, navigation\n buttons not working as expected, and bookmarks not saving. This update\n adds a new configuration option, storage.nfs_filesystem, that can be used\n to resolve this issue.\n \n If you experience this issue:\n \n 1) Start Firefox.\n \n 2) Type "about:config" (without quotes) into the URL bar and press the\n Enter key.\n \n 3) If prompted with "This might void your warranty!", click the "I'll be\n careful, I promise!" button.\n \n 4) Right-click in the ... 
\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-October/018928.html\");\n script_id(881512);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-11 10:02:01 +0530 (Thu, 11 Oct 2012)\");\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\",\n \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\",\n \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\",\n \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\",\n \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1350\");\n script_name(\"CentOS Update for firefox CESA-2012:1350 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = 
\"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.8~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.8~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.8~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-14T16:16:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "Oracle Linux Local Security Checks ELSA-2012-1350", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123805", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123805", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1350", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1350.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the 
Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123805\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:08:47 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1350\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1350 - firefox security and bug fix update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1350\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1350.html\");\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\", \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\", \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\", \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\", \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.8~1.0.2.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.8~1.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.8~1.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == 
\"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.8~1.0.2.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.8~1.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.8~1.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-14T16:20:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-10-11T00:00:00", "id": "OPENVAS:1361412562310881512", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881512", "type": "openvas", "title": "CentOS Update for firefox CESA-2012:1350 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2012:1350 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even 
the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-October/018928.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881512\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-11 10:02:01 +0530 (Thu, 11 Oct 2012)\");\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\",\n \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\",\n \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\",\n \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\",\n \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:1350\");\n script_name(\"CentOS Update for firefox CESA-2012:1350 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n 
script_tag(name:\"affected\", value:\"firefox on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990, CVE-2012-3995,\n CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183,\n CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188)\n\n Two flaws in Firefox could allow a malicious website to bypass intended\n restrictions, possibly leading to information disclosure, or Firefox\n executing arbitrary code. Note that the information disclosure issue could\n possibly be combined with other flaws to achieve arbitrary code execution.\n (CVE-2012-3986, CVE-2012-3991)\n\n Multiple flaws were found in the location object implementation in Firefox.\n Malicious content could be used to perform cross-site scripting attacks,\n script injection, or spoofing attacks. (CVE-2012-1956, CVE-2012-3992,\n CVE-2012-3994)\n\n Two flaws were found in the way Chrome Object Wrappers were implemented.\n Malicious content could be used to perform cross-site scripting attacks or\n cause Firefox to execute arbitrary code. (CVE-2012-3993, CVE-2012-4184)\n\n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 10.0.8 ESR. 
You can find a link to the Mozilla\n advisories in the References section of this erratum.\n\n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Christian Holler, Jesse Ruderman, Soroush Dalili,\n miaubiz, Abhishek Arya, Atte Kettunen, Johnny Stenback, Alice White,\n moz_bug_r_a4, and Mariusz Mlynski as the original reporters of these\n issues.\n\n This update also fixes the following bug:\n\n * In certain environments, storing personal Firefox configuration files\n (~/.mozilla/) on an NFS share, such as when your home directory is on a\n NFS share, led to Firefox functioning incorrectly, for example, navigation\n buttons not working as expected, and bookmarks not saving. This update\n adds a new configuration option, storage.nfs_filesystem, that can be used\n to resolve this issue.\n\n If you experience this issue:\n\n 1) Start Firefox.\n\n 2) Type 'about:config' (without quotes) into the URL bar and press the\n Enter key.\n\n 3) If prompted with 'This might void your warranty!', click the 'I'll be\n careful, I promise!' 
button.\n\n 4) Right-click in the ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.8~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.8~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.8~1.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-06T13:06:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "Check for the Version of thunderbird", "modified": "2018-01-05T00:00:00", "published": "2012-10-11T00:00:00", "id": "OPENVAS:881514", "href": "http://plugins.openvas.org/nasl.php?oid=881514", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2012:1351 centos5 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2012:1351 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone 
Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the processing of malformed content. Malicious\n content could cause Thunderbird to crash or, potentially, execute arbitrary\n code with the privileges of the user running Thunderbird. (CVE-2012-3982,\n CVE-2012-3988, CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180,\n CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\n CVE-2012-4187, CVE-2012-4188)\n \n Two flaws in Thunderbird could allow malicious content to bypass intended\n restrictions, possibly leading to information disclosure, or Thunderbird\n executing arbitrary code. Note that the information disclosure issue could\n possibly be combined with other flaws to achieve arbitrary code execution.\n (CVE-2012-3986, CVE-2012-3991)\n \n Multiple flaws were found in the location object implementation in\n Thunderbird. Malicious content could be used to perform cross-site\n scripting attacks, script injection, or spoofing attacks. 
(CVE-2012-1956,\n CVE-2012-3992, CVE-2012-3994)\n \n Two flaws were found in the way Chrome Object Wrappers were implemented.\n Malicious content could be used to perform cross-site scripting attacks or\n cause Thunderbird to execute arbitrary code. (CVE-2012-3993, CVE-2012-4184)\n \n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Christian Holler, Jesse Ruderman, Soroush Dalili,\n miaubiz, Abhishek Arya, Atte Kettunen, Johnny Stenback, Alice White,\n moz_bug_r_a4, and Mariusz Mlynski as the original reporters of these\n issues.\n \n Note: None of the issues in this advisory can be exploited by a\n specially-crafted HTML mail message as JavaScript is disabled by default\n for mail messages. They could be exploited another way in Thunderbird, for\n example, when viewing the full remote content of an RSS feed.\n \n All Thunderbird users should upgrade to this updated package, which\n contains Thunderbird version 10.0.8 ESR, which corrects these issues. 
After\n installing the update, Thunderbird must be restarted for the changes to\n take effect.\";\n\ntag_affected = \"thunderbird on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-October/018929.html\");\n script_id(881514);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-11 10:03:01 +0530 (Thu, 11 Oct 2012)\");\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\",\n \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\",\n \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\",\n \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\",\n \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1351\");\n script_name(\"CentOS Update for thunderbird CESA-2012:1351 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-14T16:15:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "Oracle Linux Local Security Checks ELSA-2012-1351", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123804", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123804", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1351", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1351.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123804\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:08:46 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1351\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1351 - thunderbird security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1351\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1351.html\");\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\", \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\", \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\", \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\", \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n 
script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~1.0.2.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~1.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-14T16:24:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2012-10-11T00:00:00", "id": "OPENVAS:1361412562310870844", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870844", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2012:1351-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2012:1351-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as 
published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-October/msg00012.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870844\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-11 10:00:57 +0530 (Thu, 11 Oct 2012)\");\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\",\n \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\",\n \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\",\n \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\",\n \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:1351-01\");\n script_name(\"RedHat Update for thunderbird RHSA-2012:1351-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n 
script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the processing of malformed content. Malicious\n content could cause Thunderbird to crash or, potentially, execute arbitrary\n code with the privileges of the user running Thunderbird. (CVE-2012-3982,\n CVE-2012-3988, CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180,\n CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\n CVE-2012-4187, CVE-2012-4188)\n\n Two flaws in Thunderbird could allow malicious content to bypass intended\n restrictions, possibly leading to information disclosure, or Thunderbird\n executing arbitrary code. Note that the information disclosure issue could\n possibly be combined with other flaws to achieve arbitrary code execution.\n (CVE-2012-3986, CVE-2012-3991)\n\n Multiple flaws were found in the location object implementation in\n Thunderbird. Malicious content could be used to perform cross-site\n scripting attacks, script injection, or spoofing attacks. (CVE-2012-1956,\n CVE-2012-3992, CVE-2012-3994)\n\n Note: None of the issues in this advisory can be exploited by a\n specially-crafted HTML mail message as JavaScript is disabled by default\n for mail messages. They could be exploited another way in Thunderbird, for\n example, when viewing the full remote content of an RSS feed.\n\n All Thunderbird users should upgrade to this updated package, which\n contains Thunderbird version 10.0.8 ESR, which corrects these issues. 
After\n installing the update, Thunderbird must be restarted for the changes to\n take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.8~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~10.0.8~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:57:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "Check for the Version of firefox", "modified": "2018-01-01T00:00:00", "published": "2012-10-11T00:00:00", "id": "OPENVAS:881513", "href": "http://plugins.openvas.org/nasl.php?oid=881513", "type": "openvas", "title": "CentOS Update for firefox CESA-2012:1350 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2012:1350 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License 
version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990, CVE-2012-3995,\n CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183,\n CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188)\n \n Two flaws in Firefox could allow a malicious website to bypass intended\n restrictions, possibly leading to information disclosure, or Firefox\n executing arbitrary code. Note that the information disclosure issue could\n possibly be combined with other flaws to achieve arbitrary code execution.\n (CVE-2012-3986, CVE-2012-3991)\n \n Multiple flaws were found in the location object implementation in Firefox.\n Malicious content could be used to perform cross-site scripting attacks,\n script injection, or spoofing attacks. 
(CVE-2012-1956, CVE-2012-3992,\n CVE-2012-3994)\n \n Two flaws were found in the way Chrome Object Wrappers were implemented.\n Malicious content could be used to perform cross-site scripting attacks or\n cause Firefox to execute arbitrary code. (CVE-2012-3993, CVE-2012-4184)\n \n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 10.0.8 ESR. You can find a link to the Mozilla\n advisories in the References section of this erratum.\n \n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Christian Holler, Jesse Ruderman, Soroush Dalili,\n miaubiz, Abhishek Arya, Atte Kettunen, Johnny Stenback, Alice White,\n moz_bug_r_a4, and Mariusz Mlynski as the original reporters of these\n issues.\n \n This update also fixes the following bug:\n \n * In certain environments, storing personal Firefox configuration files\n (~/.mozilla/) on an NFS share, such as when your home directory is on a\n NFS share, led to Firefox functioning incorrectly, for example, navigation\n buttons not working as expected, and bookmarks not saving. This update\n adds a new configuration option, storage.nfs_filesystem, that can be used\n to resolve this issue.\n \n If you experience this issue:\n \n 1) Start Firefox.\n \n 2) Type "about:config" (without quotes) into the URL bar and press the\n Enter key.\n \n 3) If prompted with "This might void your warranty!", click the "I'll be\n careful, I promise!" button.\n \n 4) Right-click in the ... 
\n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"firefox on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-October/018930.html\");\n script_id(881513);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-11 10:02:34 +0530 (Thu, 11 Oct 2012)\");\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\",\n \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\",\n \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\",\n \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\",\n \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:1350\");\n script_name(\"CentOS Update for firefox CESA-2012:1350 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = 
\"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.8~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.8~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.8~1.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-14T16:25:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-10-11T00:00:00", "id": "OPENVAS:1361412562310881513", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881513", "type": "openvas", "title": "CentOS Update for firefox CESA-2012:1350 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2012:1350 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# 
This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-October/018930.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881513\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-11 10:02:34 +0530 (Thu, 11 Oct 2012)\");\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\",\n \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\",\n \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\",\n \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\",\n \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2012:1350\");\n script_name(\"CentOS Update for firefox CESA-2012:1350 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990, CVE-2012-3995,\n CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183,\n CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188)\n\n Two flaws in Firefox could allow a malicious website to bypass intended\n restrictions, possibly leading to information disclosure, or Firefox\n executing arbitrary code. Note that the information disclosure issue could\n possibly be combined with other flaws to achieve arbitrary code execution.\n (CVE-2012-3986, CVE-2012-3991)\n\n Multiple flaws were found in the location object implementation in Firefox.\n Malicious content could be used to perform cross-site scripting attacks,\n script injection, or spoofing attacks. (CVE-2012-1956, CVE-2012-3992,\n CVE-2012-3994)\n\n Two flaws were found in the way Chrome Object Wrappers were implemented.\n Malicious content could be used to perform cross-site scripting attacks or\n cause Firefox to execute arbitrary code. (CVE-2012-3993, CVE-2012-4184)\n\n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 10.0.8 ESR. 
You can find a link to the Mozilla\n advisories in the References section of this erratum.\n\n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Christian Holler, Jesse Ruderman, Soroush Dalili,\n miaubiz, Abhishek Arya, Atte Kettunen, Johnny Stenback, Alice White,\n moz_bug_r_a4, and Mariusz Mlynski as the original reporters of these\n issues.\n\n This update also fixes the following bug:\n\n * In certain environments, storing personal Firefox configuration files\n (~/.mozilla/) on an NFS share, such as when your home directory is on a\n NFS share, led to Firefox functioning incorrectly, for example, navigation\n buttons not working as expected, and bookmarks not saving. This update\n adds a new configuration option, storage.nfs_filesystem, that can be used\n to resolve this issue.\n\n If you experience this issue:\n\n 1) Start Firefox.\n\n 2) Type 'about:config' (without quotes) into the URL bar and press the\n Enter key.\n\n 3) If prompted with 'This might void your warranty!', click the 'I'll be\n careful, I promise!' 
value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"firefox-10.0.8-1.el5.centos\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xulrunner-10.0.8-1.el5_8\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xulrunner-devel-10.0.8-1.el5_8\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"firefox-10.0.8-1.el6.centos\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"xulrunner-10.0.8-1.el6.centos\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"xulrunner-devel-10.0.8-1.el6.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:11:14", "description": "An updated thunderbird package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990,\nCVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181,\nCVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\nCVE-2012-4187, CVE-2012-4188)\n\nTwo flaws in Thunderbird could allow malicious content to bypass\nintended restrictions, possibly leading to information disclosure, or\nThunderbird executing arbitrary code. Note that the information\ndisclosure issue could possibly be combined with other flaws to\nachieve arbitrary code execution. (CVE-2012-3986, CVE-2012-3991)\n\nMultiple flaws were found in the location object implementation in\nThunderbird. Malicious content could be used to perform cross-site\nscripting attacks, script injection, or spoofing attacks.\n(CVE-2012-1956, CVE-2012-3992, CVE-2012-3994)\n\nTwo flaws were found in the way Chrome Object Wrappers were\nimplemented. Malicious content could be used to perform cross-site\nscripting attacks or cause Thunderbird to execute arbitrary code.\n(CVE-2012-3993, CVE-2012-4184)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Jesse Ruderman,\nSoroush Dalili, miaubiz, Abhishek Arya, Atte Kettunen, Johnny\nStenback, Alice White, moz_bug_r_a4, and Mariusz Mlynski as the\noriginal reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. 
They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.8 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.", "edition": 22, "published": "2012-10-10T00:00:00", "title": "RHEL 5 / 6 : thunderbird (RHSA-2012:1351)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "modified": "2012-10-10T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6.3", "p-cpe:/a:redhat:enterprise_linux:thunderbird", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-1351.NASL", "href": "https://www.tenable.com/plugins/nessus/62473", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1351. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62473);\n script_version(\"1.33\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\", \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\", \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\", \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\", \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_bugtraq_id(55260);\n script_xref(name:\"RHSA\", value:\"2012:1351\");\n\n script_name(english:\"RHEL 5 / 6 : thunderbird (RHSA-2012:1351)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. 
(CVE-2012-3982, CVE-2012-3988, CVE-2012-3990,\nCVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181,\nCVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\nCVE-2012-4187, CVE-2012-4188)\n\nTwo flaws in Thunderbird could allow malicious content to bypass\nintended restrictions, possibly leading to information disclosure, or\nThunderbird executing arbitrary code. Note that the information\ndisclosure issue could possibly be combined with other flaws to\nachieve arbitrary code execution. (CVE-2012-3986, CVE-2012-3991)\n\nMultiple flaws were found in the location object implementation in\nThunderbird. Malicious content could be used to perform cross-site\nscripting attacks, script injection, or spoofing attacks.\n(CVE-2012-1956, CVE-2012-3992, CVE-2012-3994)\n\nTwo flaws were found in the way Chrome Object Wrappers were\nimplemented. Malicious content could be used to perform cross-site\nscripting attacks or cause Thunderbird to execute arbitrary code.\n(CVE-2012-3993, CVE-2012-4184)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Jesse Ruderman,\nSoroush Dalili, miaubiz, Abhishek Arya, Atte Kettunen, Johnny\nStenback, Alice White, moz_bug_r_a4, and Mariusz Mlynski as the\noriginal reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. 
They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.8 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4181\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3991\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4180\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4179\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://access.redhat.com/security/cve/cve-2012-4183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4182\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1351\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-10.0.8-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-10.0.8-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-debuginfo-10.0.8-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-10.0.8-1.el5_8\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-10.0.8-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-10.0.8-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-10.0.8-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-debuginfo-10.0.8-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-debuginfo-10.0.8-1.el6_3\", allowmaj:TRUE)) 
flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-10.0.8-1.el6_3\", allowmaj:TRUE)) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:11:14", "description": "Updated firefox packages that fix several security issues and one bug\nare now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990,\nCVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181,\nCVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\nCVE-2012-4187, CVE-2012-4188)\n\nTwo flaws in Firefox could allow a malicious website to bypass\nintended restrictions, possibly leading to information disclosure, or\nFirefox executing arbitrary code. Note that the information disclosure\nissue could possibly be combined with other flaws to achieve arbitrary\ncode execution. (CVE-2012-3986, CVE-2012-3991)\n\nMultiple flaws were found in the location object implementation in\nFirefox. 
Malicious content could be used to perform cross-site\nscripting attacks, script injection, or spoofing attacks.\n(CVE-2012-1956, CVE-2012-3992, CVE-2012-3994)\n\nTwo flaws were found in the way Chrome Object Wrappers were\nimplemented. Malicious content could be used to perform cross-site\nscripting attacks or cause Firefox to execute arbitrary code.\n(CVE-2012-3993, CVE-2012-4184)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.8 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Jesse Ruderman,\nSoroush Dalili, miaubiz, Abhishek Arya, Atte Kettunen, Johnny\nStenback, Alice White, moz_bug_r_a4, and Mariusz Mlynski as the\noriginal reporters of these issues.\n\nThis update also fixes the following bug :\n\n* In certain environments, storing personal Firefox configuration\nfiles (~/.mozilla/) on an NFS share, such as when your home directory\nis on a NFS share, led to Firefox functioning incorrectly, for\nexample, navigation buttons not working as expected, and bookmarks not\nsaving. This update adds a new configuration option,\nstorage.nfs_filesystem, that can be used to resolve this issue.\n\nIf you experience this issue :\n\n1) Start Firefox.\n\n2) Type 'about:config' (without quotes) into the URL bar and press the\nEnter key.\n\n3) If prompted with 'This might void your warranty!', click the 'I'll\nbe careful, I promise!' button.\n\n4) Right-click in the Preference Name list. 
In the menu that opens,\nselect New -> Boolean.\n\n5) Type 'storage.nfs_filesystem' (without quotes) for the preference\nname and then click the OK button.\n\n6) Select 'true' for the boolean value and then press the OK button.\n(BZ#809571, BZ#816234)\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.8 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.", "edition": 24, "published": "2012-10-10T00:00:00", "title": "RHEL 5 / 6 : firefox (RHSA-2012:1350)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "modified": "2012-10-10T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo", "cpe:/o:redhat:enterprise_linux:6.3", "p-cpe:/a:redhat:enterprise_linux:xulrunner", "p-cpe:/a:redhat:enterprise_linux:firefox", "p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo", "p-cpe:/a:redhat:enterprise_linux:xulrunner-devel", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-1350.NASL", "href": "https://www.tenable.com/plugins/nessus/62472", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1350. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62472);\n script_version(\"1.33\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\", \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\", \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\", \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\", \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_bugtraq_id(55260);\n script_xref(name:\"RHSA\", value:\"2012:1350\");\n\n script_name(english:\"RHEL 5 / 6 : firefox (RHSA-2012:1350)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated firefox packages that fix several security issues and one bug\nare now available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. 
(CVE-2012-3982, CVE-2012-3988, CVE-2012-3990,\nCVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181,\nCVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\nCVE-2012-4187, CVE-2012-4188)\n\nTwo flaws in Firefox could allow a malicious website to bypass\nintended restrictions, possibly leading to information disclosure, or\nFirefox executing arbitrary code. Note that the information disclosure\nissue could possibly be combined with other flaws to achieve arbitrary\ncode execution. (CVE-2012-3986, CVE-2012-3991)\n\nMultiple flaws were found in the location object implementation in\nFirefox. Malicious content could be used to perform cross-site\nscripting attacks, script injection, or spoofing attacks.\n(CVE-2012-1956, CVE-2012-3992, CVE-2012-3994)\n\nTwo flaws were found in the way Chrome Object Wrappers were\nimplemented. Malicious content could be used to perform cross-site\nscripting attacks or cause Firefox to execute arbitrary code.\n(CVE-2012-3993, CVE-2012-4184)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.8 ESR. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Jesse Ruderman,\nSoroush Dalili, miaubiz, Abhishek Arya, Atte Kettunen, Johnny\nStenback, Alice White, moz_bug_r_a4, and Mariusz Mlynski as the\noriginal reporters of these issues.\n\nThis update also fixes the following bug :\n\n* In certain environments, storing personal Firefox configuration\nfiles (~/.mozilla/) on an NFS share, such as when your home directory\nis on a NFS share, led to Firefox functioning incorrectly, for\nexample, navigation buttons not working as expected, and bookmarks not\nsaving. 
This update adds a new configuration option,\nstorage.nfs_filesystem, that can be used to resolve this issue.\n\nIf you experience this issue :\n\n1) Start Firefox.\n\n2) Type 'about:config' (without quotes) into the URL bar and press the\nEnter key.\n\n3) If prompted with 'This might void your warranty!', click the 'I'll\nbe careful, I promise!' button.\n\n4) Right-click in the Preference Name list. In the menu that opens,\nselect New -> Boolean.\n\n5) Type 'storage.nfs_filesystem' (without quotes) for the preference\nname and then click the OK button.\n\n6) Select 'true' for the boolean value and then press the OK button.\n(BZ#809571, BZ#816234)\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.8 ESR, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a134523f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4181\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3991\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://access.redhat.com/security/cve/cve-2012-3993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4180\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4179\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-3995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4182\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", 
value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1350\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-10.0.8-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-debuginfo-10.0.8-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-10.0.8-1.el5_8\")) 
flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-debuginfo-10.0.8-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-devel-10.0.8-1.el5_8\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"firefox-10.0.8-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"firefox-debuginfo-10.0.8-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-10.0.8-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-debuginfo-10.0.8-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-devel-10.0.8-1.el6_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:47:13", "description": "From Red Hat Security Advisory 2012:1351 :\n\nAn updated thunderbird package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. 
(CVE-2012-3982, CVE-2012-3988, CVE-2012-3990,\nCVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181,\nCVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\nCVE-2012-4187, CVE-2012-4188)\n\nTwo flaws in Thunderbird could allow malicious content to bypass\nintended restrictions, possibly leading to information disclosure, or\nThunderbird executing arbitrary code. Note that the information\ndisclosure issue could possibly be combined with other flaws to\nachieve arbitrary code execution. (CVE-2012-3986, CVE-2012-3991)\n\nMultiple flaws were found in the location object implementation in\nThunderbird. Malicious content could be used to perform cross-site\nscripting attacks, script injection, or spoofing attacks.\n(CVE-2012-1956, CVE-2012-3992, CVE-2012-3994)\n\nTwo flaws were found in the way Chrome Object Wrappers were\nimplemented. Malicious content could be used to perform cross-site\nscripting attacks or cause Thunderbird to execute arbitrary code.\n(CVE-2012-3993, CVE-2012-4184)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Jesse Ruderman,\nSoroush Dalili, miaubiz, Abhishek Arya, Atte Kettunen, Johnny\nStenback, Alice White, moz_bug_r_a4, and Mariusz Mlynski as the\noriginal reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. 
They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.8 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.", "edition": 19, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : thunderbird (ELSA-2012-1351)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2012-1351.NASL", "href": "https://www.tenable.com/plugins/nessus/68636", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1351 and \n# Oracle Linux Security Advisory ELSA-2012-1351 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68636);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\", \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\", \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\", \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\", \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n script_bugtraq_id(55260);\n 
script_xref(name:\"RHSA\", value:\"2012:1351\");\n\n script_name(english:\"Oracle Linux 6 : thunderbird (ELSA-2012-1351)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2012:1351 :\n\nAn updated thunderbird package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990,\nCVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181,\nCVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\nCVE-2012-4187, CVE-2012-4188)\n\nTwo flaws in Thunderbird could allow malicious content to bypass\nintended restrictions, possibly leading to information disclosure, or\nThunderbird executing arbitrary code. Note that the information\ndisclosure issue could possibly be combined with other flaws to\nachieve arbitrary code execution. (CVE-2012-3986, CVE-2012-3991)\n\nMultiple flaws were found in the location object implementation in\nThunderbird. Malicious content could be used to perform cross-site\nscripting attacks, script injection, or spoofing attacks.\n(CVE-2012-1956, CVE-2012-3992, CVE-2012-3994)\n\nTwo flaws were found in the way Chrome Object Wrappers were\nimplemented. 
Malicious content could be used to perform cross-site\nscripting attacks or cause Thunderbird to execute arbitrary code.\n(CVE-2012-3993, CVE-2012-4184)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Jesse Ruderman,\nSoroush Dalili, miaubiz, Abhishek Arya, Atte Kettunen, Johnny\nStenback, Alice White, moz_bug_r_a4, and Mariusz Mlynski as the\noriginal reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.8 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-October/003071.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"thunderbird-10.0.8-1.0.1.el6_3\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:28:03", "description": "An updated thunderbird package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990,\nCVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181,\nCVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\nCVE-2012-4187, CVE-2012-4188)\n\nTwo flaws in Thunderbird could allow malicious content to bypass\nintended restrictions, possibly leading to information disclosure, or\nThunderbird executing arbitrary code. 
Note that the information\ndisclosure issue could possibly be combined with other flaws to\nachieve arbitrary code execution. (CVE-2012-3986, CVE-2012-3991)\n\nMultiple flaws were found in the location object implementation in\nThunderbird. Malicious content could be used to perform cross-site\nscripting attacks, script injection, or spoofing attacks.\n(CVE-2012-1956, CVE-2012-3992, CVE-2012-3994)\n\nTwo flaws were found in the way Chrome Object Wrappers were\nimplemented. Malicious content could be used to perform cross-site\nscripting attacks or cause Thunderbird to execute arbitrary code.\n(CVE-2012-3993, CVE-2012-4184)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Jesse Ruderman,\nSoroush Dalili, miaubiz, Abhishek Arya, Atte Kettunen, Johnny\nStenback, Alice White, moz_bug_r_a4, and Mariusz Mlynski as the\noriginal reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. 
They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.8 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.", "edition": 22, "published": "2012-10-11T00:00:00", "title": "CentOS 5 / 6 : thunderbird (CESA-2012:1351)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-1956", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "modified": "2012-10-11T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:thunderbird", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-1351.NASL", "href": "https://www.tenable.com/plugins/nessus/62485", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1351 and \n# CentOS Errata and Security Advisory 2012:1351 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62485);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-1956\", \"CVE-2012-3982\", \"CVE-2012-3986\", \"CVE-2012-3988\", \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\", \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\", \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\", \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\");\n 
script_bugtraq_id(55260, 55856);\n script_xref(name:\"RHSA\", value:\"2012:1351\");\n\n script_name(english:\"CentOS 5 / 6 : thunderbird (CESA-2012:1351)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990,\nCVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181,\nCVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186,\nCVE-2012-4187, CVE-2012-4188)\n\nTwo flaws in Thunderbird could allow malicious content to bypass\nintended restrictions, possibly leading to information disclosure, or\nThunderbird executing arbitrary code. Note that the information\ndisclosure issue could possibly be combined with other flaws to\nachieve arbitrary code execution. (CVE-2012-3986, CVE-2012-3991)\n\nMultiple flaws were found in the location object implementation in\nThunderbird. Malicious content could be used to perform cross-site\nscripting attacks, script injection, or spoofing attacks.\n(CVE-2012-1956, CVE-2012-3992, CVE-2012-3994)\n\nTwo flaws were found in the way Chrome Object Wrappers were\nimplemented. 
Malicious content could be used to perform cross-site\nscripting attacks or cause Thunderbird to execute arbitrary code.\n(CVE-2012-3993, CVE-2012-4184)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Christian Holler, Jesse Ruderman,\nSoroush Dalili, miaubiz, Abhishek Arya, Atte Kettunen, Johnny\nStenback, Alice White, moz_bug_r_a4, and Mariusz Mlynski as the\noriginal reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.8 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-October/018929.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eeb1b56e\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-October/018931.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bfd09ffd\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-3982\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox 5.0 - 15.0.1 __exposedProps__ 
XCS Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"thunderbird-10.0.8-1.el5.centos\", allowmaj:TRUE)) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"thunderbird-10.0.8-1.el6.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:48:17", "description": "The installed version of Firefox 10.0.x is affected by the following\nvulnerabilities :\n\n - Several memory safety bugs exist in the browser engine \n used in Mozilla-based products that could be exploited \n to execute arbitrary code. (CVE-2012-3983)\n\n - Some methods of a feature used for testing \n (DOMWindowUtils) are not properly protected and may be \n called through script by web pages. (CVE-2012-3986)\n\n - A potentially exploitable denial of service may be \n caused by a combination of invoking full-screen mode and \n navigating backwards in history. (CVE-2012-3988)\n\n - When the 'GetProperty' function is invoked through JSAP, \n security checking can be bypassed when getting cross-\n origin properties, potentially allowing arbitrary code \n execution. 
(CVE-2012-3991)\n\n - The 'location' property can be accessed by binary \n plugins through 'top.location' and 'top' can be shadowed \n by 'Object.defineProperty', potentially allowing cross-\n site scripting attacks through plugins. (CVE-2012-3994)\n\n - The Chrome Object Wrapper (COW) has flaws that could \n allow access to privileged functions, allowing for cross-\n site scripting attacks or arbitrary code execution. \n (CVE-2012-3993, CVE-2012-4184)\n\n - The 'location.hash' property is vulnerable to an attack \n that could allow an attacker to inject script or \n intercept post data. (CVE-2012-3992)\n\n - The 'Address Sanitizer' tool is affected by multiple,\n potentially exploitable use-after-free flaws. \n (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, \n CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, \n CVE-2012-4183)\n\n - The 'Address Sanitizer' tool is affected by multiple,\n potentially exploitable heap memory corruption issues. \n (CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, \n CVE-2012-4188)", "edition": 25, "published": "2012-10-17T00:00:00", "title": "Firefox 10.0.x < 10.0.8 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_1008.NASL", "href": "https://www.tenable.com/plugins/nessus/62579", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62579);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2012-3982\",\n \"CVE-2012-3983\",\n \"CVE-2012-3986\",\n \"CVE-2012-3988\",\n 
\"CVE-2012-3990\",\n \"CVE-2012-3991\",\n \"CVE-2012-3992\",\n \"CVE-2012-3993\",\n \"CVE-2012-3994\",\n \"CVE-2012-3995\",\n \"CVE-2012-4179\",\n \"CVE-2012-4180\",\n \"CVE-2012-4181\",\n \"CVE-2012-4182\",\n \"CVE-2012-4183\",\n \"CVE-2012-4184\",\n \"CVE-2012-4185\",\n \"CVE-2012-4186\",\n \"CVE-2012-4187\",\n \"CVE-2012-4188\"\n );\n script_bugtraq_id(\n 55922,\n 55924,\n 55930,\n 55931,\n 56118,\n 56119,\n 56120,\n 56121,\n 56123,\n 56125,\n 56126,\n 56127,\n 56128,\n 56129,\n 56130,\n 56131,\n 56135,\n 56136,\n 56140,\n 56145\n );\n\n script_name(english:\"Firefox 10.0.x < 10.0.8 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Firefox 10.0.x is affected by the following\nvulnerabilities :\n\n - Several memory safety bugs exist in the browser engine \n used in Mozilla-based products that could be exploited \n to execute arbitrary code. (CVE-2012-3983)\n\n - Some methods of a feature used for testing \n (DOMWindowUtils) are not properly protected and may be \n called through script by web pages. (CVE-2012-3986)\n\n - A potentially exploitable denial of service may be \n caused by a combination of invoking full-screen mode and \n navigating backwards in history. (CVE-2012-3988)\n\n - When the 'GetProperty' function is invoked through JSAP, \n security checking can be bypassed when getting cross-\n origin properties, potentially allowing arbitrary code \n execution. (CVE-2012-3991)\n\n - The 'location' property can be accessed by binary \n plugins through 'top.location' and 'top' can be shadowed \n by 'Object.defineProperty', potentially allowing cross-\n site scripting attacks through plugins. 
(CVE-2012-3994)\n\n - The Chrome Object Wrapper (COW) has flaws that could \n allow access to privileged functions, allowing for cross-\n site scripting attacks or arbitrary code execution. \n (CVE-2012-3993, CVE-2012-4184)\n\n - The 'location.hash' property is vulnerable to an attack \n that could allow an attacker to inject script or \n intercept post data. (CVE-2012-3992)\n\n - The 'Address Sanitizer' tool is affected by multiple,\n potentially exploitable use-after-free flaws. \n (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, \n CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, \n CVE-2012-4183)\n\n - The 'Address Sanitizer' tool is affected by multiple,\n potentially exploitable heap memory corruption issues. \n (CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, \n CVE-2012-4188)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-87/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-86/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-85/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-84/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-83/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-82/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-81/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-79/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-77/\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-74/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox 10.0.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4188\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\"); \n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:TRUE, fix:'10.0.8', min:'10.0', severity:SECURITY_HOLE, xss:TRUE);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:52:02", "description": "The installed version of Thunderbird 10.0.x is affected by the\nfollowing vulnerabilities :\n\n - Several memory safety bugs exist in the browser engine \n used in Mozilla-based products that could be exploited \n to execute arbitrary code. (CVE-2012-3983)\n\n - Some methods of a feature used for testing \n (DOMWindowUtils) are not properly protected and may be \n called through script by web pages. (CVE-2012-3986)\n\n - A potentially exploitable denial of service may be \n caused by a combination of invoking full-screen mode and \n navigating backwards in history. (CVE-2012-3988)\n\n - When the 'GetProperty' function is invoked through JSAP, \n security checking can be bypassed when getting cross-\n origin properties, potentially allowing arbitrary code \n execution. (CVE-2012-3991)\n\n - The 'location' property can be accessed by binary \n plugins through 'top.location' and 'top' can be shadowed \n by 'Object.defineProperty', potentially allowing cross-\n site scripting attacks through plugins. (CVE-2012-3994)\n\n - The Chrome Object Wrapper (COW) has flaws that could \n allow access to privileged functions, allowing for cross-\n site scripting attacks or arbitrary code execution. \n (CVE-2012-3993, CVE-2012-4184)\n\n - The 'location.hash' property is vulnerable to an attack \n that could allow an attacker to inject script or \n intercept post data. 
(CVE-2012-3992)\n\n - The 'Address Sanitizer' tool is affected by multiple, \n potentially exploitable use-after-free flaws. \n (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, \n CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, \n CVE-2012-4183)\n\n - The 'Address Sanitizer' tool is affected by multiple, \n potentially exploitable heap memory corruption issues. \n (CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, \n CVE-2012-4188)", "edition": 25, "published": "2012-10-17T00:00:00", "title": "Mozilla Thunderbird 10.0.x < 10.0.8 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_1008.NASL", "href": "https://www.tenable.com/plugins/nessus/62581", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62581);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2012-3982\",\n \"CVE-2012-3983\",\n \"CVE-2012-3986\",\n \"CVE-2012-3988\",\n \"CVE-2012-3990\",\n \"CVE-2012-3991\",\n \"CVE-2012-3992\",\n \"CVE-2012-3993\",\n \"CVE-2012-3994\",\n \"CVE-2012-3995\",\n \"CVE-2012-4179\",\n \"CVE-2012-4180\",\n \"CVE-2012-4181\",\n \"CVE-2012-4182\",\n \"CVE-2012-4183\",\n \"CVE-2012-4184\",\n \"CVE-2012-4185\",\n \"CVE-2012-4186\",\n \"CVE-2012-4187\",\n \"CVE-2012-4188\"\n );\n script_bugtraq_id(\n 55922,\n 55924,\n 55930,\n 55931,\n 56118,\n 56119,\n 56120,\n 56121,\n 56123,\n 56125,\n 56126,\n 56127,\n 56128,\n 56129,\n 56130,\n 56131,\n 56135,\n 56136,\n 56140,\n 56145\n );\n\n script_name(english:\"Mozilla 
Thunderbird 10.0.x < 10.0.8 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Thunderbird 10.0.x is affected by the\nfollowing vulnerabilities :\n\n - Several memory safety bugs exist in the browser engine \n used in Mozilla-based products that could be exploited \n to execute arbitrary code. (CVE-2012-3983)\n\n - Some methods of a feature used for testing \n (DOMWindowUtils) are not properly protected and may be \n called through script by web pages. (CVE-2012-3986)\n\n - A potentially exploitable denial of service may be \n caused by a combination of invoking full-screen mode and \n navigating backwards in history. (CVE-2012-3988)\n\n - When the 'GetProperty' function is invoked through JSAP, \n security checking can be bypassed when getting cross-\n origin properties, potentially allowing arbitrary code \n execution. (CVE-2012-3991)\n\n - The 'location' property can be accessed by binary \n plugins through 'top.location' and 'top' can be shadowed \n by 'Object.defineProperty', potentially allowing cross-\n site scripting attacks through plugins. (CVE-2012-3994)\n\n - The Chrome Object Wrapper (COW) has flaws that could \n allow access to privileged functions, allowing for cross-\n site scripting attacks or arbitrary code execution. \n (CVE-2012-3993, CVE-2012-4184)\n\n - The 'location.hash' property is vulnerable to an attack \n that could allow an attacker to inject script or \n intercept post data. (CVE-2012-3992)\n\n - The 'Address Sanitizer' tool is affected by multiple, \n potentially exploitable use-after-free flaws. 
\n (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, \n CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, \n CVE-2012-4183)\n\n - The 'Address Sanitizer' tool is affected by multiple, \n potentially exploitable heap memory corruption issues. \n (CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, \n CVE-2012-4188)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-87/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-86/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-85/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-84/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-83/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-82/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-81/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-79/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-77/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-74/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Thunderbird 10.0.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4188\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", 
value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:TRUE, fix:'10.0.8', min:'10.0', severity:SECURITY_HOLE, xss:TRUE);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:40:37", "description": "The installed version of Thunderbird 10.0.x is affected by the\nfollowing vulnerabilities :\n\n - Several memory safety bugs exist in the browser engine \n used in Mozilla-based products that could be exploited \n to execute arbitrary code. 
(CVE-2012-3983)\n\n - Some methods of a feature used for testing \n (DOMWindowUtils) are not properly protected and may be \n called through script by web pages. (CVE-2012-3986)\n\n - A potentially exploitable denial of service may be \n caused by a combination of invoking full-screen mode and \n navigating backwards in history. (CVE-2012-3988)\n\n - When the 'GetProperty' function is invoked through JSAP, \n security checking can be bypassed when getting cross-\n origin properties, potentially allowing arbitrary code \n execution. (CVE-2012-3991)\n\n - The 'location' property can be accessed by binary \n plugins through 'top.location' and 'top' can be shadowed \n by 'Object.defineProperty', potentially allowing cross-\n site scripting attacks through plugins. (CVE-2012-3994)\n\n - The Chrome Object Wrapper (COW) has flaws that could \n allow access to privileged functions, allowing for cross-\n site scripting attacks or arbitrary code execution. \n (CVE-2012-3993, CVE-2012-4184)\n\n - The 'location.hash' property is vulnerable to an attack \n that could allow an attacker to inject script or \n intercept post data. (CVE-2012-3992)\n\n - The 'Address Sanitizer' tool is affected by multiple, \n potentially exploitable use-after-free flaws. \n (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, \n CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, \n CVE-2012-4183)\n\n - The 'Address Sanitizer' tool is affected by multiple, \n potentially exploitable heap memory corruption issues. 
\n (CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, \n CVE-2012-4188)", "edition": 25, "published": "2012-10-17T00:00:00", "title": "Mozilla Thunderbird 10.0.x < 10.0.8 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MACOSX_THUNDERBIRD_10_0_8.NASL", "href": "https://www.tenable.com/plugins/nessus/62577", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62577);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\n \"CVE-2012-3982\",\n \"CVE-2012-3983\",\n \"CVE-2012-3986\",\n \"CVE-2012-3988\",\n \"CVE-2012-3990\",\n \"CVE-2012-3991\",\n \"CVE-2012-3992\",\n \"CVE-2012-3993\",\n \"CVE-2012-3994\",\n \"CVE-2012-3995\",\n \"CVE-2012-4179\",\n \"CVE-2012-4180\",\n \"CVE-2012-4181\",\n \"CVE-2012-4182\",\n \"CVE-2012-4183\",\n \"CVE-2012-4184\",\n \"CVE-2012-4185\",\n \"CVE-2012-4186\",\n \"CVE-2012-4187\",\n \"CVE-2012-4188\"\n );\n script_bugtraq_id(\n 55922,\n 55924,\n 55930,\n 55931,\n 56118,\n 56119,\n 56120,\n 56121,\n 56123,\n 56125,\n 56126,\n 56127,\n 56128,\n 56129,\n 56130,\n 56131,\n 56135,\n 56136,\n 56140,\n 56145\n );\n\n script_name(english:\"Mozilla Thunderbird 10.0.x < 10.0.8 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a mail client that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", 
value:\n\"The installed version of Thunderbird 10.0.x is affected by the\nfollowing vulnerabilities :\n\n - Several memory safety bugs exist in the browser engine \n used in Mozilla-based products that could be exploited \n to execute arbitrary code. (CVE-2012-3983)\n\n - Some methods of a feature used for testing \n (DOMWindowUtils) are not properly protected and may be \n called through script by web pages. (CVE-2012-3986)\n\n - A potentially exploitable denial of service may be \n caused by a combination of invoking full-screen mode and \n navigating backwards in history. (CVE-2012-3988)\n\n - When the 'GetProperty' function is invoked through JSAP, \n security checking can be bypassed when getting cross-\n origin properties, potentially allowing arbitrary code \n execution. (CVE-2012-3991)\n\n - The 'location' property can be accessed by binary \n plugins through 'top.location' and 'top' can be shadowed \n by 'Object.defineProperty', potentially allowing cross-\n site scripting attacks through plugins. (CVE-2012-3994)\n\n - The Chrome Object Wrapper (COW) has flaws that could \n allow access to privileged functions, allowing for cross-\n site scripting attacks or arbitrary code execution. \n (CVE-2012-3993, CVE-2012-4184)\n\n - The 'location.hash' property is vulnerable to an attack \n that could allow an attacker to inject script or \n intercept post data. (CVE-2012-3992)\n\n - The 'Address Sanitizer' tool is affected by multiple, \n potentially exploitable use-after-free flaws. \n (CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, \n CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, \n CVE-2012-4183)\n\n - The 'Address Sanitizer' tool is affected by multiple, \n potentially exploitable heap memory corruption issues. 
\n (CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, \n CVE-2012-4188)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-87/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-86/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-85/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-84/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-83/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-82/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-81/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-79/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-77/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-74/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mozilla Thunderbird 10.0.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4188\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution');\n 
script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_thunderbird_installed.nasl\");\n script_require_keys(\"MacOSX/Thunderbird/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nkb_base = \"MacOSX/Thunderbird\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nmozilla_check_version(product:'thunderbird', version:version, path:path, fix:'10.0.8', min:'10.0', severity:SECURITY_HOLE, xss:TRUE);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:44:15", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3989", "CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush 
Dalili and others \ndiscovered several memory corruption flaws in Firefox. If a user were \ntricked into opening a specially crafted web page, a remote attacker could \ncause Firefox to crash or potentially execute arbitrary code as the user \ninvoking the program. (CVE-2012-3982, CVE-2012-3983, CVE-2012-3988, \nCVE-2012-3989)\n\nDavid Bloom and Jordi Chancel discovered that Firefox did not always \nproperly handle the element. A remote attacker could exploit this \nto conduct URL spoofing and clickjacking attacks. (CVE-2012-3984)\n\nCollin Jackson discovered that Firefox did not properly follow the HTML5 \nspecification for document.domain behavior. A remote attacker could exploit \nthis to conduct cross-site scripting (XSS) attacks via javascript \nexecution. (CVE-2012-3985)\n\nJohnny Stenback discovered that Firefox did not properly perform security \nchecks on test methods for DOMWindowUtils. (CVE-2012-3986)\n\nAlice White discovered that the security checks for GetProperty could be \nbypassed when using JSAPI. If a user were tricked into opening a specially \ncrafted web page, a remote attacker could exploit this to execute arbitrary \ncode as the user invoking the program. (CVE-2012-3991)\n\nMariusz Mlynski discovered a history state error in Firefox. A remote \nattacker could exploit this to spoof the location property to inject script \nor intercept posted data. (CVE-2012-3992)\n\nMariusz Mlynski and others discovered several flaws in Firefox that allowed \na remote attacker to conduct cross-site scripting (XSS) attacks. \n(CVE-2012-3993, CVE-2012-3994, CVE-2012-4184)\n\nAbhishek Arya, Atte Kettunen and others discovered several memory flaws in \nFirefox when using the Address Sanitizer tool. If a user were tricked into \nopening a specially crafted web page, a remote attacker could cause Firefox \nto crash or potentially execute arbitrary code as the user invoking the \nprogram. 
(CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, \nCVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, \nCVE-2012-4187, CVE-2012-4188)", "edition": 5, "modified": "2012-10-09T00:00:00", "published": "2012-10-09T00:00:00", "id": "USN-1600-1", "href": "https://ubuntu.com/security/notices/USN-1600-1", "title": "Firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:40:17", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4191", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others \ndiscovered several memory corruption flaws in Thunderbird. If a user were \ntricked into opening a malicious website and had JavaScript enabled, an \nattacker could exploit these to execute arbitrary JavaScript code within \nthe context of another website or arbitrary code as the user invoking the \nprogram. (CVE-2012-3982, CVE-2012-3983, CVE-2012-3988, CVE-2012-3989, \nCVE-2012-4191)\n\nDavid Bloom and Jordi Chancel discovered that Thunderbird did not always \nproperly handle the element. If a user were tricked into opening a \nmalicious website and had JavaScript enabled, a remote attacker could \nexploit this to conduct URL spoofing and clickjacking attacks. \n(CVE-2012-3984)\n\nCollin Jackson discovered that Thunderbird did not properly follow the \nHTML5 specification for document.domain behavior. 
If a user were tricked \ninto opening a malicious website and had JavaScript enabled, a remote \nattacker could exploit this to conduct cross-site scripting (XSS) attacks \nvia JavaScript execution. (CVE-2012-3985)\n\nJohnny Stenback discovered that Thunderbird did not properly perform \nsecurity checks on test methods for DOMWindowUtils. (CVE-2012-3986)\n\nAlice White discovered that the security checks for GetProperty could be \nbypassed when using JSAPI. If a user were tricked into opening a specially \ncrafted web page and had JavaScript enabled, a remote attacker could \nexploit this to execute arbitrary code as the user invoking the program. \n(CVE-2012-3991)\n\nMariusz Mlynski discovered a history state error in Thunderbird. If a user \nwere tricked into opening a malicious website and had JavaScript enabled, a \nremote attacker could exploit this to spoof the location property to inject \nscript or intercept posted data. (CVE-2012-3992)\n\nMariusz Mlynski and others discovered several flaws in Thunderbird that \nallowed a remote attacker to conduct cross-site scripting (XSS) attacks. \nWith cross-site scripting vulnerabilities, if a user were tricked into \nviewing a specially crafted page and had JavaScript enabled, a remote \nattacker could exploit these to modify the contents, or steal confidential \ndata, within the same domain. (CVE-2012-3993, CVE-2012-3994, CVE-2012-4184)\n\nAbhishek Arya, Atte Kettunen and others discovered several memory flaws in \nThunderbird when using the Address Sanitizer tool. If a user were tricked \ninto opening a malicious website and had JavaScript enabled, an attacker \ncould exploit these to execute arbitrary JavaScript code within the context \nof another website or execute arbitrary code as the user invoking the \nprogram. 
(CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, \nCVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, \nCVE-2012-4187, CVE-2012-4188)\n\nIt was discovered that Thunderbird allowed improper access to the Location \nobject. An attacker could exploit this to obtain sensitive information. \nUnder certain circumstances, a remote attacker could use this vulnerability \nto potentially execute arbitrary code as the user invoking the program. \n(CVE-2012-4192, CVE-2012-4193)", "edition": 5, "modified": "2012-10-12T00:00:00", "published": "2012-10-12T00:00:00", "id": "USN-1611-1", "href": "https://ubuntu.com/security/notices/USN-1611-1", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:16:36", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3986", "CVE-2012-3991", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-3982", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2569-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nOctober 29, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : icedove\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-3982 CVE-2012-3986 CVE-2012-3990 CVE-2012-3991\n \t CVE-2012-4179 CVE-2012-4180 CVE-2012-4182 CVE-2012-4186\n\t\t CVE-2012-4188\n\nMultiple vulnerabilities have been discovered in Icedove, Debian's\nversion of the Mozilla Thunderbird mail client. 
The Common\nVulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2012-3982\n\tMultiple unspecified vulnerabilities in the browser engine\n\tallow remote attackers to cause a denial of service (memory\n\tcorruption and application crash) or possibly execute\n\tarbitrary code via unknown vectors.\n\nCVE-2012-3986\n\tIcedove does not properly restrict calls to DOMWindowUtils\n methods, which allows remote attackers to bypass intended\n access restrictions via crafted JavaScript code.\n\nCVE-2012-3990\n\tA Use-after-free vulnerability in the IME State Manager\n\timplementation allows remote attackers to execute arbitrary\n\tcode via unspecified vectors, related to the\n\tnsIContent::GetNameSpaceID function.\n\nCVE-2012-3991\n\tIcedove does not properly restrict JSAPI access to the\n\tGetProperty function, which allows remote attackers to bypass\n\tthe Same Origin Policy and possibly have unspecified other\n\timpact via a crafted web site.\n\nCVE-2012-4179\n\tA use-after-free vulnerability in the\n\tnsHTMLCSSUtils::CreateCSSPropertyTxn function allows remote\n\tattackers to execute arbitrary code or cause a denial of\n\tservice (heap memory corruption) via unspecified vectors.\n\nCVE-2012-4180\n\tA heap-based buffer overflow in the\n\tnsHTMLEditor::IsPrevCharInNodeWhitespace function allows\n\tremote attackers to execute arbitrary code via unspecified\n\tvectors.\n\nCVE-2012-4182\n\tA use-after-free vulnerability in the\n\tnsTextEditRules::WillInsert function allows remote attackers\n\tto execute arbitrary code or cause a denial of service (heap\n\tmemory corruption) via unspecified vectors.\n\nCVE-2012-4186\n\tA heap-based buffer overflow in the\n\tnsWaveReader::DecodeAudioData function allows remote attackers\n\tto execute arbitrary code via unspecified vectors.\n\nCVE-2012-4188\n\tA heap-based buffer overflow in the Convolve3x3 function\n\tallows remote attackers to execute arbitrary code via\n\tunspecified vectors.\n\nFor the stable 
distribution (squeeze), these problems have been fixed\nin version 3.0.11-1+squeeze14.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 10.0.9-1.\n\nWe recommend that you upgrade your icedove packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 12, "modified": "2012-10-29T20:57:59", "published": "2012-10-29T20:57:59", "id": "DEBIAN:DSA-2569-1:F36D1", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00213.html", "title": "[SECURITY] [DSA 2569-1] icedove security update", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:22:11", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3986", "CVE-2012-3991", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-3982", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2565-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nOctober 23, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : iceweasel\nVulnerability : several\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2012-3982 CVE-2012-3986 CVE-2012-3990 CVE-2012-3991\n CVE-2012-4179 CVE-2012-4180 CVE-2012-4182 CVE-2012-4186\n\t\t CVE-2012-4188\n\nMultiple vulnerabilities have been discovered in Iceweasel, Debian's\nversion of the Mozilla Firefox web browser. 
The Common\nVulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2012-3982\n\tMultiple unspecified vulnerabilities in the browser engine\n\tallow remote attackers to cause a denial of service (memory\n\tcorruption and application crash) or possibly execute\n\tarbitrary code via unknown vectors.\n\nCVE-2012-3986\n\tIceweasel does not properly restrict calls to DOMWindowUtils\n methods, which allows remote attackers to bypass intended\n access restrictions via crafted JavaScript code.\n\nCVE-2012-3990\n\tA Use-after-free vulnerability in the IME State Manager\n\timplementation allows remote attackers to execute arbitrary\n\tcode via unspecified vectors, related to the\n\tnsIContent::GetNameSpaceID function.\n\nCVE-2012-3991\n\tIceweasel does not properly restrict JSAPI access to the\n\tGetProperty function, which allows remote attackers to bypass\n\tthe Same Origin Policy and possibly have unspecified other\n\timpact via a crafted web site.\n\nCVE-2012-4179\n\tA use-after-free vulnerability in the\n\tnsHTMLCSSUtils::CreateCSSPropertyTxn function allows remote\n\tattackers to execute arbitrary code or cause a denial of\n\tservice (heap memory corruption) via unspecified vectors.\n\nCVE-2012-4180\n\tA heap-based buffer overflow in the\n\tnsHTMLEditor::IsPrevCharInNodeWhitespace function allows\n\tremote attackers to execute arbitrary code via unspecified\n\tvectors.\n\nCVE-2012-4182\n\tA use-after-free vulnerability in the\n\tnsTextEditRules::WillInsert function allows remote attackers\n\tto execute arbitrary code or cause a denial of service (heap\n\tmemory corruption) via unspecified vectors.\n\nCVE-2012-4186\n\tA heap-based buffer overflow in the\n\tnsWaveReader::DecodeAudioData function allows remote attackers\n\tto execute arbitrary code via unspecified vectors.\n\nCVE-2012-4188\n\tA heap-based buffer overflow in the Convolve3x3 function\n\tallows remote attackers to execute arbitrary code via\n\tunspecified vectors.\n\nFor the stable 
distribution (squeeze), these problems have been fixed\nin version 3.5.16-19.\n\nFor the testing distribution (wheezy) and the unstable distribution\n(sid), these problems have been fixed in version 10.0.8esr-1.\n\nWe recommend that you upgrade your iceweasel packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2012-10-23T19:46:21", "published": "2012-10-23T19:46:21", "id": "DEBIAN:DSA-2565-1:E3FBE", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00209.html", "title": "[SECURITY] [DSA 2565-1] iceweasel security update", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-12T01:01:55", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3986", "CVE-2012-3991", "CVE-2012-4186", "CVE-2012-4182", "CVE-2012-3982", "CVE-2012-3959", "CVE-2012-4180", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2572-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nNovember 4, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : iceape\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-3982 CVE-2012-3986 CVE-2012-3990 CVE-2012-3991 \n CVE-2012-4179 CVE-2012-4180 CVE-2012-4182 CVE-2012-4186\n CVE-2012-4188\n\nSeveral vulnerabilities have been discovered in Iceape, an internet\nsuite based on Seamonkey:\n\nCVE-2012-3982\n Multiple unspecified vulnerabilities in the browser engine\n allow remote attackers to cause a denial of service (memory\n corruption and application crash) or possibly execute\n arbitrary code via 
unknown vectors.\n\nCVE-2012-3986\n Icedove does not properly restrict calls to DOMWindowUtils\n methods, which allows remote attackers to bypass intended\n access restrictions via crafted JavaScript code.\n\nCVE-2012-3990\n A use-after-free vulnerability in the IME State Manager\n implementation allows remote attackers to execute arbitrary\n code via unspecified vectors, related to the\n nsIContent::GetNameSpaceID function.\n\nCVE-2012-3991\n Icedove does not properly restrict JSAPI access to the\n GetProperty function, which allows remote attackers to bypass\n the Same Origin Policy and possibly have unspecified other\n impact via a crafted web site.\n\nCVE-2012-4179\n A use-after-free vulnerability in the\n nsHTMLCSSUtils::CreateCSSPropertyTxn function allows remote\n attackers to execute arbitrary code or cause a denial of\n service (heap memory corruption) via unspecified vectors.\n\nCVE-2012-4180\n A heap-based buffer overflow in the\n nsHTMLEditor::IsPrevCharInNodeWhitespace function allows\n remote attackers to execute arbitrary code via unspecified\n vectors.\n\nCVE-2012-4182\n A use-after-free vulnerability in the\n nsTextEditRules::WillInsert function allows remote attackers\n to execute arbitrary code or cause a denial of service (heap\n memory corruption) via unspecified vectors.\n\nCVE-2012-4186\n A heap-based buffer overflow in the\n nsWaveReader::DecodeAudioData function allows remote attackers\n to execute arbitrary code via unspecified vectors.\n\nCVE-2012-4188\n A heap-based buffer overflow in the Convolve3x3 function\n allows remote attackers to execute arbitrary code via\n unspecified vectors.\n\nAdditionally, this update fixes a regression in the patch for\nCVE-2012-3959, released in DSA-2554-1.\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 2.0.11-16.\n\nFor the testing distribution (wheezy), these problems have been fixed in\nversion 10.0.10esr-1.\n\nFor the unstable distribution (sid), these problems 
have been fixed in\nversion 10.0.10esr-1.\n\nWe recommend that you upgrade your iceape packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2012-11-04T18:59:43", "published": "2012-11-04T18:59:43", "id": "DEBIAN:DSA-2572-1:34217", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00216.html", "title": "[SECURITY] [DSA 2572-1] iceape security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:18:43", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4191", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "The Mozilla suite received following security updates\n (bnc#783533):\n\n Mozilla Firefox was updated to 16.0.1. Mozilla Seamonkey\n was updated to 2.13.1. Mozilla Thunderbird was updated to\n 16.0.1. 
Mozilla XULRunner was updated to 16.0.1.\n\n * MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous\n memory safety hazards\n * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952,\n bmo#720619) defaultValue security checks not applied\n * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous\n memory safety hazards\n * MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element\n persistence allows for attacks\n * MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued\n access to initial origin after setting document.domain\n * MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some\n DOMWindowUtils methods bypass security checks\n * MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash\n with full screen and history navigation\n * MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with\n invalid cast when using instanceof operator\n * MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty\n function can bypass security checks\n * MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and\n location property accessible by plugins\n * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101,\n bmo#780370) Chrome Object Wrapper (COW) does not\n disallow access to privileged functions or properties\n * MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and\n script injection through location.hash\n * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/\n CVE-2012-4181/CVE-2012-4182/CVE-2012-4183\n Use-after-free, buffer overflow, and out of bounds read\n issues found using Address Sanitizer\n * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/\n CVE-2012-4188 Heap memory corruption issues found using\n Address Sanitizer\n * MFSA 2012-87/CVE-2012-3990 (bmo#787704)\n\n", "edition": 1, "modified": "2012-10-15T15:08:30", "published": "2012-10-15T15:08:30", "id": "OPENSUSE-SU-2012:1345-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00008.html", "type": "suse", "title": "MozillaFirefox: update to Firefox 16.0.1 (important)", "cvss": {"score": 10.0, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:49:45", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-3977", "CVE-2012-4180", "CVE-2012-3987", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "MozillaFirefox was updated to the 10.0.9ESR security\n release which fixes bugs and security issues:\n\n *\n\n MFSA 2012-73 / CVE-2012-3977: Security researchers\n Thai Duong and Juliano Rizzo reported that SPDY's request\n header compression leads to information leakage, which can\n allow the extraction of private data such as session\n cookies, even over an encrypted SSL connection. (This does\n not affect Firefox 10 as it does not feature the SPDY\n extension. It was silently fixed for Firefox 15.)\n\n *\n\n MFSA 2012-74: Mozilla developers identified and fixed\n several memory safety bugs in the browser engine used in\n Firefox and other Mozilla-based products. 
Some of these\n bugs showed evidence of memory corruption under certain\n circumstances, and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code.\n\n In general these flaws cannot be exploited through\n email in the Thunderbird and SeaMonkey products because\n scripting is disabled, but are potentially a risk in\n browser or browser-like contexts in those products.\n\n *\n\n CVE-2012-3983: Henrik Skupin, Jesse Ruderman and\n moz_bug_r_a4 reported memory safety problems and crashes\n that affect Firefox 15.\n\n *\n\n CVE-2012-3982: Christian Holler and Jesse Ruderman\n reported memory safety problems and crashes that affect\n Firefox ESR 10 and Firefox 15.\n\n *\n\n MFSA 2012-75 / CVE-2012-3984: Security researcher\n David Bloom of Cue discovered that \"select\" elements are\n always-on-top chromeless windows and that navigation away\n from a page with an active \"select\" menu does not remove\n this window. When another menu is opened programmatically on\n a new page, the original \"select\" menu can be retained and\n arbitrary HTML content within it rendered, allowing an\n attacker to cover arbitrary portions of the new page\n through absolute positioning/scrolling, leading to spoofing\n attacks. 
Security researcher Jordi Chancel found a\n variation that would allow for click-jacking attacks as\n well.\n\n In general these flaws cannot be exploited through\n email in the Thunderbird and SeaMonkey products because\n scripting is disabled, but are potentially a risk in\n browser or browser-like contexts in those products.\n References\n\n Navigation away from a page with an active \"select\"\n dropdown menu can be used for URL spoofing, other evil\n\n Firefox 10.0.1 : Navigation away from a page with\n multiple active \"select\" dropdown menu can be used for\n Spoofing And ClickJacking with XPI using window.open and\n geolocalisation\n\n *\n\n MFSA 2012-76 / CVE-2012-3985: Security researcher\n Collin Jackson reported a violation of the HTML5\n specifications for document.domain behavior. Specified\n behavior requires pages to only have access to windows in a\n new document.domain but the observed violation allowed\n pages to retain access to windows from the page's initial\n origin in addition to the new document.domain. This could\n potentially lead to cross-site scripting (XSS) attacks.\n\n *\n\n MFSA 2012-77 / CVE-2012-3986: Mozilla developer\n Johnny Stenback discovered that several methods of a\n feature used for testing (DOMWindowUtils) are not protected\n by existing security checks, allowing these methods to be\n called through script by web pages. This was addressed by\n adding the existing security checks to these methods.\n\n *\n\n MFSA 2012-78 / CVE-2012-3987: Security researcher\n Warren He reported that when a page is transitioned into\n Reader Mode in Firefox for Android, the resulting page has\n chrome privileges and its content is not thoroughly\n sanitized. A successful attack requires user enabling of\n reader mode for a malicious page, which could then perform\n an attack similar to cross-site scripting (XSS) to gain the\n privileges allowed to Firefox on an Android device. 
This\n has been fixed by changing the Reader Mode page into an\n unprivileged page.\n\n This vulnerability only affects Firefox for Android.\n\n *\n\n MFSA 2012-79 / CVE-2012-3988: Security researcher\n Soroush Dalili reported that a combination of invoking full\n screen mode and navigating backwards in history could, in\n some circumstances, cause a hang or crash due to a timing\n dependent use-after-free pointer reference. This crash may\n be potentially exploitable.\n\n *\n\n MFSA 2012-80 / CVE-2012-3989: Mozilla community\n member Ms2ger reported a crash due to an invalid cast when\n using the instanceof operator on certain types of\n JavaScript objects. This can lead to a potentially\n exploitable crash.\n\n *\n\n MFSA 2012-81 / CVE-2012-3991: Mozilla community\n member Alice White reported that when the GetProperty\n function is invoked through JSAPI, security checking can be\n bypassed when getting cross-origin properties. This\n potentially allowed for arbitrary code execution.\n\n *\n\n MFSA 2012-82 / CVE-2012-3994: Security researcher\n Mariusz Mlynski reported that the location property can be\n accessed by binary plugins through top.location and top can\n be shadowed by Object.defineProperty as well. This can\n allow for possible cross-site scripting (XSS) attacks\n through plugins.\n\n *\n\n MFSA 2012-83: Security researcher Mariusz Mlynski\n reported that when InstallTrigger fails, it throws an error\n wrapped in a Chrome Object Wrapper (COW) that fails to\n specify exposed properties. 
These can then be added to the\n resulting object by an attacker, allowing access to chrome\n privileged functions through script.\n\n While investigating this issue, Mozilla security\n researcher moz_bug_r_a4 found that COW did not disallow\n accessing of properties from a standard prototype in some\n situations, even when the original issue had been fixed.\n\n These issues could allow for a cross-site scripting\n (XSS) attack or arbitrary code execution.\n\n *\n\n CVE-2012-3993: XrayWrapper pollution via unsafe COW\n\n *\n\n CVE-2012-4184: ChromeObjectWrapper is not implemented\n as intended\n\n *\n\n MFSA 2012-84 / CVE-2012-3992: Security researcher\n Mariusz Mlynski reported an issue with spoofing of the\n location property. In this issue, writes to location.hash\n can be used in concert with scripted history navigation to\n cause a specific website to be loaded into the history\n object. The baseURI can then be changed to this stored\n site, allowing an attacker to inject a script or intercept\n posted data posted to a location specified with a relative\n path.\n\n *\n\n MFSA 2012-85: Security researcher Abhishek Arya\n (Inferno) of the Google Chrome Security Team discovered a\n series of use-after-free, buffer overflow, and out of\n bounds read issues using the Address Sanitizer tool in\n shipped software. These issues are potentially exploitable,\n allowing for remote code execution. 
We would also like to\n thank Abhishek for reporting two additional use-after-free\n flaws introduced during Firefox 16 development and fixed\n before general release.\n\n *\n\n CVE-2012-3995: Out of bounds read in\n IsCSSWordSpacingSpace\n\n *\n\n CVE-2012-4179: Heap-use-after-free in\n nsHTMLCSSUtils::CreateCSSPropertyTxn\n\n *\n\n CVE-2012-4180: Heap-buffer-overflow in\n nsHTMLEditor::IsPrevCharInNodeWhitespace\n\n *\n\n CVE-2012-4181: Heap-use-after-free in\n nsSMILAnimationController::DoSample\n\n *\n\n CVE-2012-4182: Heap-use-after-free in\n nsTextEditRules::WillInsert\n\n *\n\n CVE-2012-4183: Heap-use-after-free in\n DOMSVGTests::GetRequiredFeatures\n\n *\n\n MFSA 2012-86: Security researcher Atte Kettunen from\n OUSPG reported several heap memory corruption issues found\n using the Address Sanitizer tool. These issues are\n potentially exploitable, allowing for remote code execution.\n\n *\n\n CVE-2012-4185: Global-buffer-overflow in\n nsCharTraits::length\n\n *\n\n CVE-2012-4186: Heap-buffer-overflow in\n nsWaveReader::DecodeAudioData\n\n *\n\n CVE-2012-4187: Crash with ASSERTION: insPos too small\n\n *\n\n CVE-2012-4188: Heap-buffer-overflow in Convolve3x3\n\n *\n\n MFSA 2012-87 / CVE-2012-3990: Security researcher\n miaubiz used the Address Sanitizer tool to discover a\n use-after-free in the IME State Manager code. This could\n lead to a potentially exploitable crash.\n\n *\n\n MFSA 2012-89 / CVE-2012-4192 / CVE-2012-4193: Mozilla\n security researcher moz_bug_r_a4 reported a regression\n where security wrappers are unwrapped without doing a\n security check in defaultValue(). This can allow for\n improper access to the Location object. 
In versions\n 15 and earlier of affected products, there was also the\n potential for arbitrary code execution.\n", "edition": 1, "modified": "2012-10-16T22:08:48", "published": "2012-10-16T22:08:48", "id": "SUSE-SU-2012:1351-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html", "type": "suse", "title": "Security update for Mozilla Firefox (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:45", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3995", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4191", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-4180", "CVE-2012-3987", "CVE-2012-4190", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179"], "description": "\nThe Mozilla Project reports:\n\n MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/\n\t rv:10.0.8)\nMFSA 2012-75 select element persistence allows for attacks\nMFSA 2012-76 Continued access to initial origin after setting\n\t document.domain\nMFSA 2012-77 Some DOMWindowUtils methods bypass security checks\nMFSA 2012-78 Reader Mode pages have chrome privileges\nMFSA 2012-79 DOS and crash with full screen and history navigation\nMFSA 2012-80 Crash with invalid cast when using instanceof\n\t operator\nMFSA 2012-81 GetProperty function can bypass security checks\nMFSA 2012-82 top object and location property accessible by\n\t plugins\nMFSA 2012-83 Chrome Object Wrapper (COW) does not disallow access\n\t to privileged functions or properties\nMFSA 2012-84 Spoofing and script injection through location.hash\nMFSA 2012-85 Use-after-free, buffer overflow, and out of bounds\n\t read issues found using Address Sanitizer\nMFSA 
2012-86 Heap memory corruption issues found using Address\n\t Sanitizer\nMFSA 2012-87 Use-after-free in the IME State Manager\nMFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)\nMFSA 2012-89 defaultValue security checks not applied\n\n", "edition": 4, "modified": "2012-10-11T00:00:00", "published": "2012-10-09T00:00:00", "id": "6E5A9AFD-12D3-11E2-B47D-C8600054B392", "href": "https://vuxml.freebsd.org/freebsd/6e5a9afd-12d3-11e2-b47d-c8600054b392.html", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:38", "bulletinFamily": "software", "cvelist": ["CVE-2012-3995", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4182", "CVE-2012-4180", "CVE-2012-4179"], "edition": 1, "description": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team discovered a series of use-after-free, buffer overflow, and\nout of bounds read issues using the Address Sanitizer tool in shipped software.\nThese issues are potentially exploitable, allowing for remote code execution.\nWe would also like to thank Abhishek for reporting two additional use-after-free\nflaws introduced during Firefox 16 development and fixed before general release. 
\n\nIn general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "modified": "2012-10-09T00:00:00", "published": "2012-10-09T00:00:00", "id": "MFSA2012-85", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2012-85/", "type": "mozilla", "title": "Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-05T13:37:37", "bulletinFamily": "software", "cvelist": ["CVE-2012-4185", "CVE-2012-4186", "CVE-2012-4187", "CVE-2012-4188"], "edition": 1, "description": "Security researcher Atte Kettunen from OUSPG reported\nseveral heap memory corruption issues found using the Address Sanitizer tool.\nThese issues are potentially exploitable, allowing for remote code execution.\n\nIn general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "modified": "2012-10-09T00:00:00", "published": "2012-10-09T00:00:00", "id": "MFSA2012-86", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2012-86/", "type": "mozilla", "title": "Heap memory corruption issues found using Address Sanitizer", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:49", "bulletinFamily": "software", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4191", "CVE-2012-4930", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", 
"CVE-2012-4184", "CVE-2012-3992", "CVE-2012-3977", "CVE-2012-4180", "CVE-2012-3987", "CVE-2012-4190", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179", "CVE-2012-4196"], "description": "Information leakage, multiple memory corruptions, crossite scripting, etc.", "edition": 1, "modified": "2012-10-29T00:00:00", "published": "2012-10-29T00:00:00", "id": "SECURITYVULNS:VULN:12639", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12639", "title": "Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2020-12-09T19:47:23", "description": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to conduct cross-site scripting (XSS) attacks via a binary plugin that uses Object.defineProperty to shadow the top object, and leverages the relationship between top.location and the location property.", "edition": 6, "cvss3": {}, "published": "2012-10-10T17:55:00", "title": "CVE-2012-3994", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3994"], "modified": "2020-08-07T15:42:00", "cpe": ["cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", 
"cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_sdk:10", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-3994", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3994", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_sdk:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}, {"lastseen": "2020-12-09T19:47:23", "description": "Heap-based buffer overflow in the Convolve3x3 function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote 
attackers to execute arbitrary code via unspecified vectors.", "edition": 6, "cvss3": {}, "published": "2012-10-10T17:55:00", "title": "CVE-2012-4188", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4188"], "modified": "2020-08-13T19:29:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_sdk:10", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-4188", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4188", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_sdk:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", 
"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:23", "description": "Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.", "edition": 6, "cvss3": {}, "published": "2012-10-10T17:55:00", "title": "CVE-2012-4179", "type": "cve", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4179"], "modified": "2020-08-13T18:21:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", 
"cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_sdk:10", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-4179", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4179", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_sdk:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:23", 
"description": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not properly interact with failures of InstallTrigger methods, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site, related to an \"XrayWrapper pollution\" issue.", "edition": 6, "cvss3": {}, "published": "2012-10-10T17:55:00", "title": "CVE-2012-3993", "type": "cve", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3993"], "modified": "2020-08-13T20:43:00", "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:firefox_esr:10.0.4", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:thunderbird:3.1.16", 
"cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox_esr:10.0.2", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:firefox_esr:10.0.5", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox_esr:10.0.3", "cpe:/a:mozilla:firefox:2.0", 
"cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:firefox_esr:10.0.1", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:thunderbird_esr:10.0", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:thunderbird_esr:10.0.4", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox_esr:10.0", "cpe:/a:mozilla:firefox:3.6.24", 
"cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird_esr:10.0.6", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", 
"cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:thunderbird_esr:10.0.3", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:thunderbird_esr:10.0.2", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox_esr:10.0.6", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:2.3.1", 
"cpe:/a:mozilla:firefox_esr:10.0.7", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird_esr:10.0.5", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:thunderbird_esr:10.0.7", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:thunderbird_esr:10.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:thunderbird:13.0.1"], "id": "CVE-2012-3993", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3993", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:mozilla:thunderbird:3.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:12.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.12.1:*:*:*:*:*:*:*", 
"cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.7:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:14.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:13.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.2:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.10:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.23:*:*:*:*:*:*:*", 
"cpe:2.3:a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.6:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.9:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.12:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.11:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.23:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.10:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:14.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*", 
"cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.8:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:13.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.8:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.25:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:15.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:9.0.1:*:*:*:*:*:*:*", 
"cpe:2.3:a:mozilla:seamonkey:2.9:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.6:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.7:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.11:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.13:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.8:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.9:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.11:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.6:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*", 
"cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.8:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.9:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.11:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.13:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.12:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.12:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*", 
"cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.24:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.8:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.7:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.4:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.21:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.13:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.4:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:11.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.8:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.7:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*", 
"cpe:2.3:a:mozilla:firefox:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.13:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.12:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.22:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.7:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.2:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.6:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*", 
"cpe:2.3:a:mozilla:thunderbird:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird_esr:10.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.12:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:10.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:15.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox_esr:10.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*", 
"cpe:2.3:a:mozilla:firefox:3.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.13:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:14.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.13:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.11:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*", 
"cpe:2.3:a:mozilla:thunderbird:1.5.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.12:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.11:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.4:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.10:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:23", "description": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage a certain insPos variable, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and assertion failure) via unspecified vectors.", "edition": 6, "cvss3": {}, 
"published": "2012-10-10T17:55:00", "title": "CVE-2012-4187", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4187"], "modified": "2020-08-10T14:59:00", "cpe": ["cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_sdk:10", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-4187", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4187", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_sdk:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", 
"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:23", "description": "The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 does not prevent access to properties of a prototype for a standard class, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site.", "edition": 6, "cvss3": {}, "published": "2012-10-10T17:55:00", "title": "CVE-2012-4184", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4184"], "modified": "2020-08-13T18:32:00", "cpe": ["cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", 
"cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_sdk:10", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-4184", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4184", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_sdk:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:23", "description": "Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting (XSS) attacks or 
obtain sensitive POST content via vectors involving a location.hash write operation and history navigation that triggers the loading of a URL into the history object.", "edition": 6, "cvss3": {}, "published": "2012-10-10T17:55:00", "title": "CVE-2012-3992", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3992"], "modified": "2020-08-10T14:52:00", "cpe": ["cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_sdk:10", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-3992", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3992", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_sdk:10:sp4:*:*:*:*:*:*", 
"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:23", "description": "Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code via unspecified vectors.", "edition": 6, "cvss3": {}, "published": "2012-10-10T17:55:00", "title": "CVE-2012-4186", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4186"], "modified": "2020-08-11T13:43:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "cpe:/o:redhat:enterprise_linux_desktop:5.0", 
"cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_sdk:10", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-4186", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4186", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_sdk:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*"]}]}