Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2009-2021 Tenable Network Security, Inc.SUSE_11_1_MOZILLAFIREFOX-090812.NASL
HistoryAug 20, 2009 - 12:00 a.m.

openSUSE Security Update : MozillaFirefox (MozillaFirefox-1202)

2009-08-2000:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
23
JSON

MozillaFirefox was updated to the 3.0.13 release, fixing some security issues and bugs :

MFSA 2009-44 / CVE-2009-2654: Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open() on an invalid URL which looks similar to a legitimate URL and then use document.write() to place content within the new document, appearing to have come from the spoofed location. Additionally, if the spoofed document was created by a document with a valid SSL certificate, the SSL indicators would be carried over into the spoofed document. An attacker could use these issues to display misleading location and SSL information for a malicious web page.

MFSA 2009-45 / CVE-2009-2662:The browser engine in Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the TraceRecorder::snapshot function in js/src/jstracer.cpp, and unspecified other vectors.

CVE-2009-2663 / MFSA 2009-45: libvorbis before r16182, as used in Mozilla Firefox before 3.0.13 and 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file.

CVE-2009-2664 / MFSA 2009-45: The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted .js file, related to a ‘memory safety bug.’

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update MozillaFirefox-1202.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(40648);
  script_version("1.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2009-2654", "CVE-2009-2662", "CVE-2009-2663", "CVE-2009-2664");

  script_name(english:"openSUSE Security Update : MozillaFirefox (MozillaFirefox-1202)");
  script_summary(english:"Check for the MozillaFirefox-1202 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"MozillaFirefox was updated to the 3.0.13 release, fixing some security
issues and bugs :

MFSA 2009-44 / CVE-2009-2654: Security researcher Juan Pablo Lopez
Yacubian reported that an attacker could call window.open() on an
invalid URL which looks similar to a legitimate URL and then use
document.write() to place content within the new document, appearing
to have come from the spoofed location. Additionally, if the spoofed
document was created by a document with a valid SSL certificate, the
SSL indicators would be carried over into the spoofed document. An
attacker could use these issues to display misleading location and SSL
information for a malicious web page.

MFSA 2009-45 / CVE-2009-2662:The browser engine in Mozilla Firefox
before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to
cause a denial of service (memory corruption and application crash) or
possibly execute arbitrary code via vectors related to the
TraceRecorder::snapshot function in js/src/jstracer.cpp, and
unspecified other vectors.

CVE-2009-2663 / MFSA 2009-45: libvorbis before r16182, as used in
Mozilla Firefox before 3.0.13 and 3.5.x before 3.5.2 and other
products, allows context-dependent attackers to cause a denial of
service (memory corruption and application crash) or possibly execute
arbitrary code via a crafted .ogg file.

CVE-2009-2664 / MFSA 2009-45: The js_watch_set function in
js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before
3.0.13, and 3.5.x before 3.5.2, allows remote attackers to cause a
denial of service (assertion failure and application exit) or possibly
execute arbitrary code via a crafted .js file, related to a 'memory
safety bug.'"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=527489"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected MozillaFirefox packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cwe_id(20, 119, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:MozillaFirefox-translations");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gconf2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:gconf2-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libidl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libidl-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-gnomevfs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-gnomevfs-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-translations");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner190-translations-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:orbit2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:orbit2-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-xpcom190");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/08/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/08/20");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.1", reference:"MozillaFirefox-3.0.13-0.1.2") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"MozillaFirefox-branding-upstream-3.0.13-0.1.2") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"MozillaFirefox-translations-3.0.13-0.1.2") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"gconf2-2.24.0-2.15") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"libidl-0.8.11-1.27") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"mozilla-xulrunner190-1.9.0.13-1.1.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"mozilla-xulrunner190-devel-1.9.0.13-1.1.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"mozilla-xulrunner190-gnomevfs-1.9.0.13-1.1.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"mozilla-xulrunner190-translations-1.9.0.13-1.1.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"orbit2-2.14.16-1.23") ) flag++;
if ( rpm_check(release:"SUSE11.1", reference:"python-xpcom190-1.9.0.13-1.1.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"gconf2-2.24.0-2.17") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"gconf2-32bit-2.24.0-2.15") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"libidl-0.8.11-1.33") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"libidl-32bit-0.8.11-1.27") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"mozilla-xulrunner190-32bit-1.9.0.13-1.1.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"mozilla-xulrunner190-gnomevfs-32bit-1.9.0.13-1.1.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"mozilla-xulrunner190-translations-32bit-1.9.0.13-1.1.1") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"orbit2-2.14.16-1.28") ) flag++;
if ( rpm_check(release:"SUSE11.1", cpu:"x86_64", reference:"orbit2-32bit-2.14.16-1.23") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "MozillaFirefox");
}
VendorProductVersionCPE
novellopensusemozillafirefoxp-cpe:/a:novell:opensuse:mozillafirefox
novellopensusemozillafirefox-branding-upstreamp-cpe:/a:novell:opensuse:mozillafirefox-branding-upstream
novellopensusemozillafirefox-translationsp-cpe:/a:novell:opensuse:mozillafirefox-translations
novellopensusegconf2p-cpe:/a:novell:opensuse:gconf2
novellopensusegconf2-32bitp-cpe:/a:novell:opensuse:gconf2-32bit
novellopensuselibidlp-cpe:/a:novell:opensuse:libidl
novellopensuselibidl-32bitp-cpe:/a:novell:opensuse:libidl-32bit
novellopensusemozilla-xulrunner190p-cpe:/a:novell:opensuse:mozilla-xulrunner190
novellopensusemozilla-xulrunner190-32bitp-cpe:/a:novell:opensuse:mozilla-xulrunner190-32bit
novellopensusemozilla-xulrunner190-develp-cpe:/a:novell:opensuse:mozilla-xulrunner190-devel
Rows per page:
1-10 of 181

Related

openvas 68
nessus 44
osv 1
mozilla 3
prion 6
cve 6
ubuntucve 6
veracode 2
securityvulns 4
debian 2
ubuntu 2
gentoo 2
fedora 4
centos 5
oraclelinux 4
redhat 5
debiancve 2
suse 1
openvas
openvas
Mozilla Firefox Multiple Memory Corruption Vulnerabilities (Aug 2009) - Windows
2009-08-07 00:00:00
SLES10: Security update for Mozilla Firefox
2009-10-13 00:00:00
SLES11: Security update for Mozilla Firefox
2009-10-11 00:00:00
nessus
nessus
SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6433)
2009-09-24 00:00:00
openSUSE Security Update : MozillaFirefox (MozillaFirefox-1202)
2009-08-20 00:00:00
SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1200)
2009-09-24 00:00:00
osv
osv
xulrunner - spoofing vulnerabilities
2009-08-26 00:00:00
mozilla
mozilla
Crashes with evidence of memory corruption (rv:1.9.1.2/1.9.0.13) — Mozilla
2009-08-03 00:00:00
Location bar and SSL indicator spoofing via window.open() on invalid URL — Mozilla
2009-08-03 00:00:00
Upgrade media libraries to fix memory safety bugs — Mozilla
2009-10-27 00:00:00
prion
prion
Memory corruption
2009-08-04 16:30:00
Design/Logic Flaw
2009-08-04 16:30:00
Design/Logic Flaw
2009-08-03 14:30:00
cve
cve
CVE-2009-2662
2009-08-04 16:30:00
CVE-2009-2664
2009-08-04 16:30:00
CVE-2009-2654
2009-08-03 14:30:00
ubuntucve
ubuntucve
CVE-2009-2662
2009-08-04 00:00:00
CVE-2009-2664
2009-08-04 00:00:00
CVE-2009-2654
2009-08-03 00:00:00
veracode
veracode
Spoofable Address Bar
2020-04-10 00:37:55
Arbitrary Code Execution
2020-04-10 00:35:42
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2009-44
2009-08-07 00:00:00
[USN-825-1] libvorbis vulnerability
2009-08-25 00:00:00
Mozilla Firefox, Thunderbird, SeaMonkey, NSS multiple security vulnerabilities
2009-08-07 00:00:00
debian
debian
[SECURITY] [DSA 1873-1] New xulrunner packages fix spoofing vulnerabilities
2009-08-26 18:52:02
[SECURITY] [DSA 1939-1] New libvorbis packages fix several vulnerabilities
2009-11-24 22:41:33
ubuntu
ubuntu
Firefox and Xulrunner vulnerability
2009-08-08 00:00:00
libvorbis vulnerability
2009-08-24 00:00:00
gentoo
gentoo
libvorbis: User-assisted execution of arbitrary code
2009-09-07 00:00:00
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: libvorbis-1.2.0-6.fc10
2009-08-10 21:50:41
[SECURITY] Fedora 11 Update: libvorbis-1.2.0-8.fc11
2009-08-10 21:51:43
[SECURITY] Fedora 10 Update: libvorbis-1.2.0-7.fc10
2009-11-10 17:43:32
centos
centos
libvorbis security update
2009-08-18 19:17:02
seamonkey security update
2009-09-10 22:51:03
seamonkey security update
2009-09-10 11:03:30
oraclelinux
oraclelinux
libvorbis security update
2009-08-18 00:00:00
seamonkey security update
2009-09-10 00:00:00
firefox security update
2009-09-10 00:00:00
redhat
redhat
(RHSA-2009:1219) Important: libvorbis security update
2009-08-18 00:00:00
(RHSA-2009:1431) Critical: seamonkey security update
2009-09-09 00:00:00
(RHSA-2009:1432) Critical: seamonkey security update
2009-09-09 00:00:00
debiancve
debiancve
CVE-2009-2663
2009-08-04 16:30:00
CVE-2009-3379
2009-10-29 14:30:00
suse
suse
remote code execution in MozillaFirefox
2009-10-20 17:59:46
JSON
Related for SUSE_11_1_MOZILLAFIREFOX-090812.NASL
openvas68nessus44osv1mozilla3prion6cve6ubuntucve6veracode2securityvulns4debian2ubuntu2gentoo2fedora4centos5oraclelinux4redhat5debiancve2suse1