Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2021 Tenable Network Security, Inc.SUSE_11_4_MOZILLA-JS192-120201.NASL
HistoryJun 13, 2014 - 12:00 a.m.

openSUSE Security Update : mozilla-js192 (mozilla-js192-5749)

2014-06-1300:00:00
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
www.tenable.com
29
JSON

mozilla xulrunner was updated to 1.9.2.26 security update, fixing security issues and bugs. Following security bugs were fixed :

MFSA 2012-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products. References

CVE-2012-0442: Jesse Ruderman and Bob Clary reported memory safety problems that were fixed in both Firefox 10 and Firefox 3.6.26.

MFSA 2012-02/CVE-2011-3670: For historical reasons Firefox has been generous in its interpretation of web addresses containing square brackets around the host. If this host was not a valid IPv6 literal address, Firefox attempted to interpret the host as a regular domain name. Gregory Fleischer reported that requests made using IPv6 syntax using XMLHttpRequest objects through a proxy may generate errors depending on proxy configuration for IPv6. The resulting error messages from the proxy may disclose sensitive data because Same-Origin Policy (SOP) will allow the XMLHttpRequest object to read these error messages, allowing user privacy to be eroded. Firefox now enforces RFC 3986 IPv6 literal syntax and that may break links written using the non-standard Firefox-only forms that were previously accepted.

This was fixed previously for Firefox 7.0, Thunderbird 7.0, and SeaMonkey 2.4 but only fixed in Firefox 3.6.26 and Thunderbird 3.1.18 during 2012.

MFSA 2012-04/CVE-2011-3659: Security researcher regenrecht reported via TippingPoint’s Zero Day Initiative that removed child nodes of nsDOMAttribute can be accessed under certain circumstances because of a premature notification of AttributeChildRemoved. This use-after-free of the child nodes could possibly allow for for remote code execution.

MFSA 2012-07/CVE-2012-0444: Security researcher regenrecht reported via TippingPoint’s Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution.

MFSA 2012-08/CVE-2012-0449: Security researchers Nicolas Gregoire and Aki Helin independently reported that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to a memory corruption. While there is no evidence that this is directly exploitable, there is a possibility of remote code execution.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update mozilla-js192-5749.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(75961);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2011-3659", "CVE-2011-3670", "CVE-2012-0442", "CVE-2012-0444", "CVE-2012-0449");

  script_name(english:"openSUSE Security Update : mozilla-js192 (mozilla-js192-5749)");
  script_summary(english:"Check for the mozilla-js192-5749 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"mozilla xulrunner was updated to 1.9.2.26 security update, fixing
security issues and bugs. Following security bugs were fixed :

MFSA 2012-01: Mozilla developers identified and fixed several memory
safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with
enough effort at least some of these could be exploited to run
arbitrary code.

In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but
are potentially a risk in browser or browser-like contexts in those
products. References

CVE-2012-0442: Jesse Ruderman and Bob Clary reported memory safety
problems that were fixed in both Firefox 10 and Firefox 3.6.26.

MFSA 2012-02/CVE-2011-3670: For historical reasons Firefox has been
generous in its interpretation of web addresses containing square
brackets around the host. If this host was not a valid IPv6 literal
address, Firefox attempted to interpret the host as a regular domain
name. Gregory Fleischer reported that requests made using IPv6 syntax
using XMLHttpRequest objects through a proxy may generate errors
depending on proxy configuration for IPv6. The resulting error
messages from the proxy may disclose sensitive data because
Same-Origin Policy (SOP) will allow the XMLHttpRequest object to read
these error messages, allowing user privacy to be eroded. Firefox now
enforces RFC 3986 IPv6 literal syntax and that may break links written
using the non-standard Firefox-only forms that were previously
accepted.

This was fixed previously for Firefox 7.0, Thunderbird 7.0, and
SeaMonkey 2.4 but only fixed in Firefox 3.6.26 and Thunderbird 3.1.18
during 2012.

MFSA 2012-04/CVE-2011-3659: Security researcher regenrecht reported
via TippingPoint's Zero Day Initiative that removed child nodes of
nsDOMAttribute can be accessed under certain circumstances because of
a premature notification of AttributeChildRemoved. This use-after-free
of the child nodes could possibly allow for for remote code execution.

MFSA 2012-07/CVE-2012-0444: Security researcher regenrecht reported
via TippingPoint's Zero Day Initiative the possibility of memory
corruption during the decoding of Ogg Vorbis files. This can cause a
crash during decoding and has the potential for remote code execution.

MFSA 2012-08/CVE-2012-0449: Security researchers Nicolas Gregoire and
Aki Helin independently reported that when processing a malformed
embedded XSLT stylesheet, Firefox can crash due to a memory
corruption. While there is no evidence that this is directly
exploitable, there is a possibility of remote code execution."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=744275"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected mozilla-js192 packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Firefox 8/9 AttributeChildRemoved() Use-After-Free');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'White_Phosphorus');

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-js192-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-gnome-debuginfo-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-common-32bit");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mozilla-xulrunner192-translations-other-32bit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.4");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/02/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.4)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.4", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.4", reference:"mozilla-js192-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-js192-debuginfo-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-buildsymbols-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-debuginfo-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-debugsource-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-devel-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-devel-debuginfo-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-gnome-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-gnome-debuginfo-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-translations-common-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", reference:"mozilla-xulrunner192-translations-other-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-js192-32bit-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-js192-debuginfo-32bit-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-32bit-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-debuginfo-32bit-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-32bit-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-gnome-debuginfo-32bit-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-common-32bit-1.9.2.26-0.2.1") ) flag++;
if ( rpm_check(release:"SUSE11.4", cpu:"x86_64", reference:"mozilla-xulrunner192-translations-other-32bit-1.9.2.26-0.2.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mozilla-xulrunner192");
}
VendorProductVersionCPE
novellopensusemozilla-js192p-cpe:/a:novell:opensuse:mozilla-js192
novellopensusemozilla-js192-32bitp-cpe:/a:novell:opensuse:mozilla-js192-32bit
novellopensusemozilla-js192-debuginfop-cpe:/a:novell:opensuse:mozilla-js192-debuginfo
novellopensusemozilla-js192-debuginfo-32bitp-cpe:/a:novell:opensuse:mozilla-js192-debuginfo-32bit
novellopensusemozilla-xulrunner192p-cpe:/a:novell:opensuse:mozilla-xulrunner192
novellopensusemozilla-xulrunner192-32bitp-cpe:/a:novell:opensuse:mozilla-xulrunner192-32bit
novellopensusemozilla-xulrunner192-buildsymbolsp-cpe:/a:novell:opensuse:mozilla-xulrunner192-buildsymbols
novellopensusemozilla-xulrunner192-debuginfop-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo
novellopensusemozilla-xulrunner192-debuginfo-32bitp-cpe:/a:novell:opensuse:mozilla-xulrunner192-debuginfo-32bit
novellopensusemozilla-xulrunner192-debugsourcep-cpe:/a:novell:opensuse:mozilla-xulrunner192-debugsource
Rows per page:
1-10 of 211

Related

nessus 61
openvas 72
oraclelinux 4
suse 4
ubuntu 6
redhat 5
centos 5
debian 4
osv 3
securityvulns 8
freebsd 2
cvelist 1
veracode 3
saint 4
cve 3
mozilla 3
checkpoint_advisories 1
ubuntucve 4
fedora 1
prion 2
packetstorm 1
zdi 2
nessus
nessus
Mozilla Thunderbird 3.1.x < 3.1.18 Multiple Vulnerabilities
2012-02-01 00:00:00
SuSE 11.1 Security Update : Mozilla XULrunner (SAT Patch Number 5764)
2012-02-10 00:00:00
Ubuntu 10.04 LTS / 10.10 / 11.04 : thunderbird vulnerabilities (USN-1350-1)
2012-02-09 00:00:00
openvas
openvas
Ubuntu Update for thunderbird USN-1350-1
2012-02-13 00:00:00
RedHat Update for firefox RHSA-2012:0079-01
2012-02-01 00:00:00
Ubuntu Update for xulrunner-1.9.2 USN-1353-1
2012-02-13 00:00:00
oraclelinux
oraclelinux
firefox security update
2012-01-31 00:00:00
thunderbird security update
2012-01-31 00:00:00
seamonkey security update
2012-02-01 00:00:00
suse
suse
Security update for Mozilla XULrunner (important)
2012-02-09 19:07:25
Security update for Mozilla Firefox (important)
2012-02-09 19:10:22
MozillaFirefox: Version 10 (important)
2012-02-09 19:10:49
ubuntu
ubuntu
Thunderbird vulnerabilities
2012-02-08 00:00:00
Xulrunnner vulnerabilities
2012-02-08 00:00:00
Firefox vulnerabilities
2012-02-03 00:00:00
redhat
redhat
(RHSA-2012:0079) Critical: firefox security update
2012-01-31 00:00:00
(RHSA-2012:0080) Critical: thunderbird security update
2012-01-31 00:00:00
(RHSA-2012:0084) Critical: seamonkey security update
2012-02-01 00:00:00
centos
centos
firefox, xulrunner security update
2012-02-01 03:34:27
thunderbird security update
2012-02-01 11:56:07
thunderbird security update
2012-02-01 12:31:49
debian
debian
[SECURITY] [DSA 2400-1] iceweasel security update
2012-02-02 20:09:11
[SECURITY] [DSA 2406-1] icedove security update
2012-02-09 12:08:16
[SECURITY] [DSA 2402-1] iceape security update
2012-02-02 20:12:08
osv
osv
iceape - several
2012-02-02 00:00:00
icedove - several
2012-02-09 00:00:00
iceweasel - several
2012-02-02 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-02-03 00:00:00
Mozilla Foundation Security Advisory 2012-04
2012-02-03 00:00:00
libvorbis library buffer overflow
2012-02-22 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2012-01-31 00:00:00
libtremor -- memory corruption
2012-01-31 00:00:00
cvelist
cvelist
CVE-2012-0449
2012-02-01 16:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:07:17
Information Disclosure
2020-04-10 01:07:18
Arbitrary Code Execution
2020-04-10 01:07:21
saint
saint
Firefox AttributeChildRemoved Use After Free
2012-05-21 00:00:00
Firefox AttributeChildRemoved Use After Free
2012-05-21 00:00:00
Firefox AttributeChildRemoved Use After Free
2012-05-21 00:00:00
cve
cve
CVE-2011-3659
2012-02-01 16:55:00
CVE-2011-3670
2012-02-01 16:55:00
CVE-2012-0449
2012-02-01 16:55:00
mozilla
mozilla
Overly permissive IPv6 literal syntax — Mozilla
2012-01-31 00:00:00
Child nodes from nsDOMAttribute still accessible after removal of nodes — Mozilla
2012-01-31 00:00:00
Crash with malformed embedded XSLT stylesheets — Mozilla
2012-01-31 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Multiple Products Ogg Vorbis Decoding Memory Corruption (CVE-2012-0444)
2012-05-14 00:00:00
ubuntucve
ubuntucve
CVE-2012-0444
2012-02-01 00:00:00
CVE-2011-3659
2012-02-01 00:00:00
CVE-2012-0449
2012-02-01 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: libvorbis-1.3.3-1.fc16
2012-02-17 00:57:43
prion
prion
Design/Logic Flaw
2012-02-01 16:55:00
Information disclosure
2012-02-01 16:55:00
packetstorm
packetstorm
Firefox 8/9 AttributeChildRemoved() Use-After-Free
2012-05-14 00:00:00
zdi
zdi
Mozilla Firefox AttributeChildRemoved Use-After-Free Remote Code Execution Vulnerability
2012-06-28 00:00:00
Mozilla Firefox Ogg Vorbis Decoding Memory Corruption Remote Code Execution Vulnerability
2012-04-09 00:00:00
JSON
Related for SUSE_11_4_MOZILLA-JS192-120201.NASL
nessus61openvas72oraclelinux4suse4ubuntu6redhat5centos5debian4osv3securityvulns8freebsd2cvelist1veracode3saint4cve3mozilla3checkpoint_advisories1ubuntucve4fedora1prion2packetstorm1zdi2