Lucene search
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20130625_FIREFOX_ON_SL5_X.NASLHistoryJun 26, 2013 - 12:00 a.m.
Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20130625)
2013-06-2600:00:00
This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-1682, CVE-2013-1684, CVE-2013-1685, CVE-2013-1686, CVE-2013-1687, CVE-2013-1690)
It was found that Firefox allowed data to be sent in the body of XMLHttpRequest (XHR) HEAD requests. In some cases this could allow attackers to conduct Cross-Site Request Forgery (CSRF) attacks.
(CVE-2013-1692)
Timing differences in the way Firefox processed SVG image files could allow an attacker to read data across domains, potentially leading to information disclosure. (CVE-2013-1693)
Two flaws were found in the way Firefox implemented some of its internal structures (called wrappers). An attacker could use these flaws to bypass some restrictions placed on them. This could lead to unexpected behavior or a potentially exploitable crash.
(CVE-2013-1694, CVE-2013-1697)
0.7 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(66983);
script_version("1.13");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/29");
script_cve_id(
"CVE-2013-1682",
"CVE-2013-1684",
"CVE-2013-1685",
"CVE-2013-1686",
"CVE-2013-1687",
"CVE-2013-1690",
"CVE-2013-1692",
"CVE-2013-1693",
"CVE-2013-1694",
"CVE-2013-1697"
);
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/04/18");
script_name(english:"Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20130625)");
script_set_attribute(attribute:"synopsis", value:
"The remote Scientific Linux host is missing one or more security
updates.");
script_set_attribute(attribute:"description", value:
"Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2013-1682, CVE-2013-1684, CVE-2013-1685,
CVE-2013-1686, CVE-2013-1687, CVE-2013-1690)
It was found that Firefox allowed data to be sent in the body of
XMLHttpRequest (XHR) HEAD requests. In some cases this could allow
attackers to conduct Cross-Site Request Forgery (CSRF) attacks.
(CVE-2013-1692)
Timing differences in the way Firefox processed SVG image files could
allow an attacker to read data across domains, potentially leading to
information disclosure. (CVE-2013-1693)
Two flaws were found in the way Firefox implemented some of its
internal structures (called wrappers). An attacker could use these
flaws to bypass some restrictions placed on them. This could lead to
unexpected behavior or a potentially exploitable crash.
(CVE-2013-1694, CVE-2013-1697)
0.7 ESR, which corrects these issues. After installing the update,
Firefox must be restarted for the changes to take effect.");
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1306&L=scientific-linux-errata&T=0&P=2075
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?65443fd6");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Firefox onreadystatechange Event DocumentViewerImpl Use After Free');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/06/26");
script_set_attribute(attribute:"patch_publication_date", value:"2013/06/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/06/26");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:firefox");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xulrunner");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xulrunner-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xulrunner-devel");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Scientific Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL5", reference:"firefox-17.0.7-1.el5_9")) flag++;
if (rpm_check(release:"SL5", reference:"firefox-debuginfo-17.0.7-1.el5_9")) flag++;
if (rpm_check(release:"SL5", reference:"xulrunner-17.0.7-1.el5_9")) flag++;
if (rpm_check(release:"SL5", reference:"xulrunner-debuginfo-17.0.7-1.el5_9")) flag++;
if (rpm_check(release:"SL5", reference:"xulrunner-devel-17.0.7-1.el5_9")) flag++;
if (rpm_check(release:"SL6", reference:"firefox-17.0.7-1.el6_4")) flag++;
if (rpm_check(release:"SL6", reference:"firefox-debuginfo-17.0.7-1.el6_4")) flag++;
if (rpm_check(release:"SL6", reference:"xulrunner-17.0.7-1.el6_4")) flag++;
if (rpm_check(release:"SL6", reference:"xulrunner-debuginfo-17.0.7-1.el6_4")) flag++;
if (rpm_check(release:"SL6", reference:"xulrunner-devel-17.0.7-1.el6_4")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fermilab | scientific_linux | firefox | p-cpe:/a:fermilab:scientific_linux:firefox |
| fermilab | scientific_linux | firefox-debuginfo | p-cpe:/a:fermilab:scientific_linux:firefox-debuginfo |
| fermilab | scientific_linux | xulrunner | p-cpe:/a:fermilab:scientific_linux:xulrunner |
| fermilab | scientific_linux | xulrunner-debuginfo | p-cpe:/a:fermilab:scientific_linux:xulrunner-debuginfo |
| fermilab | scientific_linux | xulrunner-devel | p-cpe:/a:fermilab:scientific_linux:xulrunner-devel |
| fermilab | scientific_linux | x-cpe:/o:fermilab:scientific_linux |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1682
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1684
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1685
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1686
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1687
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1690
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1692
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1693
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1694
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1697
www.nessus.org/u?65443fd6
Related
openvas
openvas
Mozilla Thunderbird ESR Multiple Vulnerabilities - June 13 (Windows)
2013-06-26 00:00:00
CentOS Update for thunderbird CESA-2013:0982 centos6
2013-06-27 00:00:00
Debian Security Advisory DSA 2716-1 (iceweasel - several vulnerabilities)
2013-06-26 00:00:00
redhat
redhat
(RHSA-2013:0982) Important: thunderbird security update
2013-06-25 00:00:00
(RHSA-2013:0981) Critical: firefox security update
2013-06-25 00:00:00
nessus
nessus
openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2013:1141-1)
2014-06-13 00:00:00
Firefox ESR 17.x < 17.0.7 Multiple Vulnerabilities
2013-06-26 00:00:00
RHEL 5 / 6 : thunderbird (RHSA-2013:0982)
2013-06-26 00:00:00
veracode
veracode
Use-After-Free
2019-05-02 04:45:43
Same-Origin Policy Bypass
2019-05-02 04:45:44
Arbitrary Code Execution
2019-05-02 04:45:43
mageia
mageia
Updated Firefox and Thunderbird packages fix multiple vulnerabilities
2013-06-26 22:45:58
Updated iceape packages fix many vulnerabilities
2013-11-21 00:16:49
Updated iceape packages fix multiple vulnerabilities
2014-03-31 23:47:52
suse
suse
xulrunner: 17.0.7esr (important)
2013-07-04 12:04:46
MozillaThunderbird: 17.0.7 (important)
2013-07-04 12:04:15
Security update for Mozilla Firefox (important)
2013-07-05 22:04:18
oraclelinux
oraclelinux
thunderbird security update
2013-06-25 00:00:00
firefox security update
2013-06-25 00:00:00
centos
centos
firefox, xulrunner security update
2013-06-26 02:19:59
thunderbird security update
2013-06-26 02:19:42
debian
debian
[SECURITY] [DSA 2716-1] iceweasel security update
2013-06-26 14:01:13
[SECURITY] [DSA 2720-1] icedove security update
2013-07-06 15:37:40
ubuntu
ubuntu
Thunderbird vulnerabilities
2013-06-26 00:00:00
Firefox vulnerabilities
2013-06-26 00:00:00
Firefox regression
2013-07-03 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-07-01 00:00:00
mozilla
mozilla
Memory corruption found using Address Sanitizer — Mozilla
2013-06-25 00:00:00
XrayWrappers can be bypassed to run user defined methods in a privileged context — Mozilla
2013-06-25 00:00:00
PreserveWrapper has inconsistent behavior — Mozilla
2013-06-25 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-06-25 00:00:00
ibm
ibm
cvelist
cvelist
cve
cve
prion
prion
Design/Logic Flaw
2013-06-26 03:19:00
Design/Logic Flaw
2013-06-26 03:19:00
Design/Logic Flaw
2013-06-26 03:19:00
ubuntucve
ubuntucve
zdt
zdt
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
2013-08-08 00:00:00
saint
saint
Mozilla Firefox onreadystatechange Event Use After Free
2013-08-22 00:00:00
Mozilla Firefox onreadystatechange Event Use After Free
2013-08-22 00:00:00
Mozilla Firefox onreadystatechange Event Use After Free
2013-08-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox onreadystatechange Use After Free (CVE-2013-1690)
2013-09-01 00:00:00
packetstorm
packetstorm
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
2013-08-08 00:00:00
seebug
seebug
Mozilla Firefox JavaScript远程代码执行漏洞
2013-08-11 00:00:00
cisa_kev
cisa_kev
Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability
2022-03-28 00:00:00
attackerkb
attackerkb
CVE-2013-1690
2013-06-26 00:00:00
threatpost
threatpost
Oil, Energy Watering Hole Attacks Linked to DOL attack
2013-09-19 15:55:05
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-09-27 00:00:00
Related for SL_20130625_FIREFOX_ON_SL5_X.NASL