{"id": "SUSE_11_MOZILLA-XULRUNNER190-100219.NASL", "bulletinFamily": "scanner", "title": "SuSE 11 Security Update : Mozilla XULRunner (SAT Patch Number 2033)", "description": "Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8, fixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159)\n\n - Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer. (MFSA 2010-02 / CVE-2010-0160)\n\n - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.\n (MFSA 2010-03 / CVE-2009-1571)\n\n - Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site. (MFSA 2010-04 / CVE-2009-3988)\n\nAn anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla.\n\n - Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an tag with type='image/svg+xml', the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy. (MFSA 2010-05 / CVE-2010-0162)", "published": "2010-02-25T00:00:00", "modified": "2016-12-21T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44909", "reporter": "Tenable", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=576969", "http://www.mozilla.org/security/announce/2010/mfsa2010-03.html", "http://support.novell.com/security/cve/CVE-2010-0159.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-02.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-05.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-04.html", "http://support.novell.com/security/cve/CVE-2009-3988.html", "http://support.novell.com/security/cve/CVE-2009-1571.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-01.html", "http://support.novell.com/security/cve/CVE-2010-0160.html", "http://support.novell.com/security/cve/CVE-2010-0162.html"], "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "type": "nessus", "lastseen": "2017-10-29T13:42:42", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8, fixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159)\n\n - Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer. (MFSA 2010-02 / CVE-2010-0160)\n\n - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.\n (MFSA 2010-03 / CVE-2009-1571)\n\n - Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site. (MFSA 2010-04 / CVE-2009-3988)\n\nAn anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla.\n\n - Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an tag with type='image/svg+xml', the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy. (MFSA 2010-05 / CVE-2010-0162)", "edition": 2, "enchantments": {}, "hash": "29b2121ba886facb49405177d2de129a6e9aea0e60564b3e7db255dbce5269c9", "hashmap": [{"hash": "ab3f1038294b2799bcc02c9464f5952d", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "52a5411e7f071cae984d40f6bc064674", "key": "title"}, {"hash": "dbfc53466ca83eb2eefb40bea32f0b30", "key": "cvelist"}, {"hash": "b4a6e2d3ea9db02b543b396cfe424eb8", "key": "published"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "3befc94faf03f2e4f184edfa4abb681f", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "8fd3c0d10643d313d61153df455e9f87", "key": "modified"}, {"hash": "273ea7552f2fedc728d1462e7791434b", "key": "pluginID"}, {"hash": "e938db2f4082460794bd2e693f4f3112", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "740a0956994833a204c3db234be57d8d", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44909", "id": "SUSE_11_MOZILLA-XULRUNNER190-100219.NASL", "lastseen": "2016-12-22T06:12:56", "modified": "2016-12-21T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.2", "pluginID": "44909", "published": "2010-02-25T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=576969", "http://www.mozilla.org/security/announce/2010/mfsa2010-03.html", "http://support.novell.com/security/cve/CVE-2010-0159.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-02.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-05.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-04.html", "http://support.novell.com/security/cve/CVE-2009-3988.html", "http://support.novell.com/security/cve/CVE-2009-1571.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-01.html", "http://support.novell.com/security/cve/CVE-2010-0160.html", "http://support.novell.com/security/cve/CVE-2010-0162.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44909);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:20 $\");\n\n script_cve_id(\"CVE-2009-1571\", \"CVE-2009-3988\", \"CVE-2010-0159\", \"CVE-2010-0160\", \"CVE-2010-0162\");\n\n script_name(english:\"SuSE 11 Security Update : Mozilla XULRunner (SAT Patch Number 2033)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8,\nfixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Mozilla developers identified and fixed several\n stability bugs in the browser engine used in Firefox and\n other Mozilla-based products. Some of these crashes\n showed evidence of memory corruption under certain\n circumstances and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code. (MFSA 2010-01 / CVE-2010-0159)\n\n - Security researcher Orlando Barrera II reported via\n TippingPoint's Zero Day Initiative that Mozilla's\n implementation of Web Workers contained an error in its\n handling of array data types when processing posted\n messages. This error could be used by an attacker to\n corrupt heap memory and crash the browser, potentially\n running arbitrary code on a victim's computer. (MFSA\n 2010-02 / CVE-2010-0160)\n\n - Security researcher Alin Rad Pop of Secunia Research\n reported that the HTML parser incorrectly freed used\n memory when insufficient space was available to process\n remaining input. Under such circumstances, memory\n occupied by in-use objects was freed and could later be\n filled with attacker-controlled text. These conditions\n could result in the execution or arbitrary code if\n methods on the freed objects were subsequently called.\n (MFSA 2010-03 / CVE-2009-1571)\n\n - Security researcher Hidetake Jo of Microsoft\n Vulnerability Research reported that the properties set\n on an object passed to showModalDialog were readable by\n the document contained in the dialog, even when the\n document was from a different domain. This is a\n violation of the same-origin policy and could result in\n a website running untrusted JavaScript if it assumed the\n dialogArguments could not be initialized by another\n site. (MFSA 2010-04 / CVE-2009-3988)\n\nAn anonymous security researcher, via TippingPoint's Zero Day\nInitiative, also independently reported this issue to Mozilla.\n\n - Mozilla security researcher Georgi Guninski reported\n that when a SVG document which is served with\n Content-Type: application/octet-stream is embedded into\n another document via an tag with type='image/svg+xml',\n the Content-Type is ignored and the SVG document is\n processed normally. A website which allows arbitrary\n binary data to be uploaded but which relies on\n Content-Type: application/octet-stream to prevent script\n execution could have such protection bypassed. An\n attacker could upload a SVG document containing\n JavaScript as a binary file to a website, embed the SVG\n document into a malicous page on another site, and gain\n access to the script environment from the SVG-serving\n site, bypassing the same-origin policy. (MFSA 2010-05 /\n CVE-2010-0162)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-01.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-02.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-03.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-04.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-05.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=576969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1571.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3988.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0159.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0160.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0162.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 2033.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(79, 94, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-gnomevfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-gnomevfs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-translations-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-xulrunner190-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-xulrunner190-gnomevfs-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-xulrunner190-translations-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-gnomevfs-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-gnomevfs-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-translations-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-translations-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-xulrunner190-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-xulrunner190-gnomevfs-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-xulrunner190-translations-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"mozilla-xulrunner190-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-32bit-1.9.0.18-0.1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11 Security Update : Mozilla XULRunner (SAT Patch Number 2033)", "type": "nessus", "viewCount": 1}, "differentElements": ["cpe"], "edition": 2, "lastseen": "2016-12-22T06:12:56"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8, fixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159)\n\n - Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer. (MFSA 2010-02 / CVE-2010-0160)\n\n - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.\n (MFSA 2010-03 / CVE-2009-1571)\n\n - Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site. (MFSA 2010-04 / CVE-2009-3988)\n\nAn anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla.\n\n - Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an tag with type='image/svg+xml', the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy. (MFSA 2010-05 / CVE-2010-0162)", "edition": 1, "hash": "7b5c68f5fe646420289ee7ffb7d96c1c76ed59d72d6a1f47643abd4b97753c1b", "hashmap": [{"hash": "ab3f1038294b2799bcc02c9464f5952d", "key": "description"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "52a5411e7f071cae984d40f6bc064674", "key": "title"}, {"hash": "dbfc53466ca83eb2eefb40bea32f0b30", "key": "cvelist"}, {"hash": "b4a6e2d3ea9db02b543b396cfe424eb8", "key": "published"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "7ffda9669264dbb8d98fe2f4177b79f6", "key": "modified"}, {"hash": "3befc94faf03f2e4f184edfa4abb681f", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "71a40666da62ba38d22539c8277870c7", "key": "naslFamily"}, {"hash": "df053f48c25080deac7d5ccc19caabdb", "key": "sourceData"}, {"hash": "273ea7552f2fedc728d1462e7791434b", "key": "pluginID"}, {"hash": "e938db2f4082460794bd2e693f4f3112", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=44909", "id": "SUSE_11_MOZILLA-XULRUNNER190-100219.NASL", "lastseen": "2016-09-26T17:25:52", "modified": "2013-10-25T00:00:00", "naslFamily": "SuSE Local Security Checks", "objectVersion": "1.2", "pluginID": "44909", "published": "2010-02-25T00:00:00", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=576969", "http://www.mozilla.org/security/announce/2010/mfsa2010-03.html", "http://support.novell.com/security/cve/CVE-2010-0159.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-02.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-05.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-04.html", "http://support.novell.com/security/cve/CVE-2009-3988.html", "http://support.novell.com/security/cve/CVE-2009-1571.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-01.html", "http://support.novell.com/security/cve/CVE-2010-0160.html", "http://support.novell.com/security/cve/CVE-2010-0162.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44909);\n script_version(\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:52:02 $\");\n\n script_cve_id(\"CVE-2009-1571\", \"CVE-2009-3988\", \"CVE-2010-0159\", \"CVE-2010-0160\", \"CVE-2010-0162\");\n\n script_name(english:\"SuSE 11 Security Update : Mozilla XULRunner (SAT Patch Number 2033)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8,\nfixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Mozilla developers identified and fixed several\n stability bugs in the browser engine used in Firefox and\n other Mozilla-based products. Some of these crashes\n showed evidence of memory corruption under certain\n circumstances and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code. (MFSA 2010-01 / CVE-2010-0159)\n\n - Security researcher Orlando Barrera II reported via\n TippingPoint's Zero Day Initiative that Mozilla's\n implementation of Web Workers contained an error in its\n handling of array data types when processing posted\n messages. This error could be used by an attacker to\n corrupt heap memory and crash the browser, potentially\n running arbitrary code on a victim's computer. (MFSA\n 2010-02 / CVE-2010-0160)\n\n - Security researcher Alin Rad Pop of Secunia Research\n reported that the HTML parser incorrectly freed used\n memory when insufficient space was available to process\n remaining input. Under such circumstances, memory\n occupied by in-use objects was freed and could later be\n filled with attacker-controlled text. These conditions\n could result in the execution or arbitrary code if\n methods on the freed objects were subsequently called.\n (MFSA 2010-03 / CVE-2009-1571)\n\n - Security researcher Hidetake Jo of Microsoft\n Vulnerability Research reported that the properties set\n on an object passed to showModalDialog were readable by\n the document contained in the dialog, even when the\n document was from a different domain. This is a\n violation of the same-origin policy and could result in\n a website running untrusted JavaScript if it assumed the\n dialogArguments could not be initialized by another\n site. (MFSA 2010-04 / CVE-2009-3988)\n\nAn anonymous security researcher, via TippingPoint's Zero Day\nInitiative, also independently reported this issue to Mozilla.\n\n - Mozilla security researcher Georgi Guninski reported\n that when a SVG document which is served with\n Content-Type: application/octet-stream is embedded into\n another document via an tag with type='image/svg+xml',\n the Content-Type is ignored and the SVG document is\n processed normally. A website which allows arbitrary\n binary data to be uploaded but which relies on\n Content-Type: application/octet-stream to prevent script\n execution could have such protection bypassed. An\n attacker could upload a SVG document containing\n JavaScript as a binary file to a website, embed the SVG\n document into a malicous page on another site, and gain\n access to the script environment from the SVG-serving\n site, bypassing the same-origin policy. (MFSA 2010-05 /\n CVE-2010-0162)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-01.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-02.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-03.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-04.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-05.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=576969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1571.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3988.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0159.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0160.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0162.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 2033.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(79);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-gnomevfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-gnomevfs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-translations-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-xulrunner190-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-xulrunner190-gnomevfs-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-xulrunner190-translations-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-gnomevfs-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-gnomevfs-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-translations-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-translations-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-xulrunner190-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-xulrunner190-gnomevfs-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-xulrunner190-translations-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"mozilla-xulrunner190-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-32bit-1.9.0.18-0.1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "SuSE 11 Security Update : Mozilla XULRunner (SAT Patch Number 2033)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:25:52"}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "cf10a5824dfd44d4c24d75f296a10058"}, {"key": "cvelist", "hash": "dbfc53466ca83eb2eefb40bea32f0b30"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "ab3f1038294b2799bcc02c9464f5952d"}, {"key": "href", "hash": "3befc94faf03f2e4f184edfa4abb681f"}, {"key": "modified", "hash": "8fd3c0d10643d313d61153df455e9f87"}, {"key": "naslFamily", "hash": "71a40666da62ba38d22539c8277870c7"}, {"key": "pluginID", "hash": "273ea7552f2fedc728d1462e7791434b"}, {"key": "published", "hash": "b4a6e2d3ea9db02b543b396cfe424eb8"}, {"key": "references", "hash": "e938db2f4082460794bd2e693f4f3112"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "740a0956994833a204c3db234be57d8d"}, {"key": "title", "hash": "52a5411e7f071cae984d40f6bc064674"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "d08f0939c5b37f00c430bdfa38e26be9b6429884f73331efcfdbd1dc07e44e1e", "viewCount": 1, "enchantments": {"vulnersScore": 6.8}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(44909);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:20 $\");\n\n script_cve_id(\"CVE-2009-1571\", \"CVE-2009-3988\", \"CVE-2010-0159\", \"CVE-2010-0160\", \"CVE-2010-0162\");\n\n script_name(english:\"SuSE 11 Security Update : Mozilla XULRunner (SAT Patch Number 2033)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8,\nfixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Mozilla developers identified and fixed several\n stability bugs in the browser engine used in Firefox and\n other Mozilla-based products. Some of these crashes\n showed evidence of memory corruption under certain\n circumstances and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code. (MFSA 2010-01 / CVE-2010-0159)\n\n - Security researcher Orlando Barrera II reported via\n TippingPoint's Zero Day Initiative that Mozilla's\n implementation of Web Workers contained an error in its\n handling of array data types when processing posted\n messages. This error could be used by an attacker to\n corrupt heap memory and crash the browser, potentially\n running arbitrary code on a victim's computer. (MFSA\n 2010-02 / CVE-2010-0160)\n\n - Security researcher Alin Rad Pop of Secunia Research\n reported that the HTML parser incorrectly freed used\n memory when insufficient space was available to process\n remaining input. Under such circumstances, memory\n occupied by in-use objects was freed and could later be\n filled with attacker-controlled text. These conditions\n could result in the execution or arbitrary code if\n methods on the freed objects were subsequently called.\n (MFSA 2010-03 / CVE-2009-1571)\n\n - Security researcher Hidetake Jo of Microsoft\n Vulnerability Research reported that the properties set\n on an object passed to showModalDialog were readable by\n the document contained in the dialog, even when the\n document was from a different domain. This is a\n violation of the same-origin policy and could result in\n a website running untrusted JavaScript if it assumed the\n dialogArguments could not be initialized by another\n site. (MFSA 2010-04 / CVE-2009-3988)\n\nAn anonymous security researcher, via TippingPoint's Zero Day\nInitiative, also independently reported this issue to Mozilla.\n\n - Mozilla security researcher Georgi Guninski reported\n that when a SVG document which is served with\n Content-Type: application/octet-stream is embedded into\n another document via an tag with type='image/svg+xml',\n the Content-Type is ignored and the SVG document is\n processed normally. A website which allows arbitrary\n binary data to be uploaded but which relies on\n Content-Type: application/octet-stream to prevent script\n execution could have such protection bypassed. An\n attacker could upload a SVG document containing\n JavaScript as a binary file to a website, embed the SVG\n document into a malicous page on another site, and gain\n access to the script environment from the SVG-serving\n site, bypassing the same-origin policy. (MFSA 2010-05 /\n CVE-2010-0162)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-01.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-02.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-03.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-04.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-05.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=576969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1571.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3988.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0159.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0160.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-0162.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 2033.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(79, 94, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-gnomevfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-gnomevfs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-translations-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-xulrunner190-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-xulrunner190-gnomevfs-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"mozilla-xulrunner190-translations-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-gnomevfs-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-gnomevfs-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-translations-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-translations-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-xulrunner190-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-xulrunner190-gnomevfs-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"mozilla-xulrunner190-translations-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"mozilla-xulrunner190-32bit-1.9.0.18-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"mozilla-xulrunner190-32bit-1.9.0.18-0.1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "44909", "cpe": ["p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-translations-32bit", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190", "p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-32bit", "p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-translations", "p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-gnomevfs", "p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner190-gnomevfs-32bit"]}

{"result": {"cve": [{"id": "CVE-2010-0160", "type": "cve", "title": "CVE-2010-0160", "description": "The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.", "published": "2010-02-22T08:00:02", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0160", "cvelist": ["CVE-2010-0160"], "lastseen": "2017-09-19T13:36:49"}, {"id": "CVE-2009-1571", "type": "cve", "title": "CVE-2009-1571", "description": "Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.", "published": "2010-02-22T08:00:01", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1571", "cvelist": ["CVE-2009-1571"], "lastseen": "2017-09-29T14:26:36"}, {"id": "CVE-2010-0159", "type": "cve", "title": "CVE-2010-0159", "description": "The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsBlockFrame::StealFrame function in layout/generic/nsBlockFrame.cpp, and unspecified other vectors.", "published": "2010-02-22T08:00:02", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0159", "cvelist": ["CVE-2010-0159"], "lastseen": "2017-09-19T13:36:49"}, {"id": "CVE-2010-0162", "type": "cve", "title": "CVE-2010-0162", "description": "Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support the application/octet-stream content type as a protection mechanism against execution of web script in certain circumstances involving SVG and the EMBED element, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via an embedded SVG document.", "published": "2010-02-22T08:00:02", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0162", "cvelist": ["CVE-2010-0162"], "lastseen": "2017-09-19T13:36:49"}, {"id": "CVE-2009-3988", "type": "cve", "title": "CVE-2009-3988", "description": "Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via crafted dialogArguments values.", "published": "2010-02-22T08:00:01", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3988", "cvelist": ["CVE-2009-3988"], "lastseen": "2017-09-19T13:36:42"}], "zdi": [{"id": "ZDI-10-046", "type": "zdi", "title": "Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability", "description": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.\n\nThe specific flaw exists within the implementation of web worker threads. Due to mishandling the array data type while processing posted messages, a web worker thread can be made to corrupt heap memory. An attacker can exploit this vulnerability to execute arbitrary code under the context of the user running the browser.", "published": "2010-04-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.zerodayinitiative.com/advisories/ZDI-10-046", "cvelist": ["CVE-2010-0160"], "lastseen": "2016-11-09T00:18:01"}, {"id": "ZDI-10-019", "type": "zdi", "title": "Mozilla Firefox showModalDialog Cross-Domain Scripting Vulnerability", "description": "This vulnerability allows remote attackers to bypass specific script execution enforcements on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.\n\nThe specific flaw exists in the lack of cross domain policy enforcement. Through usage of the showModalDialog() JavaScript method an attacker can gather sensitive information from another website. This vulnerability can be exploited to obtain website credentials not originating from the attacking site.", "published": "2010-02-19T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "http://www.zerodayinitiative.com/advisories/ZDI-10-019", "cvelist": ["CVE-2009-3988"], "lastseen": "2016-11-09T00:17:48"}], "openvas": [{"id": "OPENVAS:902126", "type": "openvas", "title": "Mozilla Products Multiple Vulnerabilities feb-10 (Windows)", "description": "The host is installed with Mozilla Firefox/Seamonkey and is prone to multiple\n vulnerabilities.", "published": "2010-02-26T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=902126", "cvelist": ["CVE-2010-0160", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-07-12T10:50:05"}, {"id": "OPENVAS:902127", "type": "openvas", "title": "Mozilla Products Multiple Vulnerabilities feb-10 (Linux)", "description": "The host is installed with Mozilla Firefox/Seamonkey and is prone to multiple\n vulnerabilities.", "published": "2010-02-26T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=902127", "cvelist": ["CVE-2010-0160", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-07-14T10:48:50"}, {"id": "OPENVAS:1361412562310902126", "type": "openvas", "title": "Mozilla Products Multiple Vulnerabilities feb-10 (Windows)", "description": "The host is installed with Mozilla Firefox/Seamonkey and is prone to multiple\n vulnerabilities.", "published": "2010-02-26T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902126", "cvelist": ["CVE-2010-0160", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2018-01-22T13:05:37"}, {"id": "OPENVAS:1361412562310902127", "type": "openvas", "title": "Mozilla Products Multiple Vulnerabilities feb-10 (Linux)", "description": "The host is installed with Mozilla Firefox/Seamonkey and is prone to multiple\n vulnerabilities.", "published": "2010-02-26T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902127", "cvelist": ["CVE-2010-0160", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2018-01-02T10:54:13"}, {"id": "OPENVAS:880599", "type": "openvas", "title": "CentOS Update for firefox CESA-2010:0112 centos5 i386", "description": "Check for the Version of firefox", "published": "2011-08-09T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=880599", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-07-25T10:55:53"}, {"id": "OPENVAS:1361412562310861647", "type": "openvas", "title": "Fedora Update for mozvoikko FEDORA-2010-1936", "description": "Check for the Version of mozvoikko", "published": "2010-03-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861647", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-12-20T13:17:37"}, {"id": "OPENVAS:1361412562310861620", "type": "openvas", "title": "Fedora Update for gnome-web-photo FEDORA-2010-1936", "description": "Check for the Version of gnome-web-photo", "published": "2010-03-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861620", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2018-01-02T10:54:34"}, {"id": "OPENVAS:1361412562310870217", "type": "openvas", "title": "RedHat Update for firefox RHSA-2010:0112-01", "description": "Check for the Version of firefox", "published": "2010-02-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870217", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2018-01-03T10:54:33"}, {"id": "OPENVAS:1361412562310861692", "type": "openvas", "title": "Fedora Update for yelp FEDORA-2010-1936", "description": "Check for the Version of yelp", "published": "2010-03-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861692", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2018-01-17T11:05:57"}, {"id": "OPENVAS:1361412562310861689", "type": "openvas", "title": "Fedora Update for gnome-python2-extras FEDORA-2010-1727", "description": "Check for the Version of gnome-python2-extras", "published": "2010-03-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861689", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2018-01-23T13:05:52"}], "suse": [{"id": "SUSE-SA:2010:015", "type": "suse", "title": "remote code execution in MozillaFirefox,seamonkey", "description": "Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2010-03-04T16:53:48", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2016-09-04T12:40:30"}, {"id": "OPENSUSE-SU-2014:1100-1", "type": "suse", "title": "Firefox update to 31.1esr (important)", "description": "This patch contains security updates for\n\n * mozilla-nss 3.16.4\n - The following 1024-bit root CA certificate was restored to allow more\n time to develop a better transition strategy for affected sites. It\n was removed in NSS 3.16.3, but discussion in the\n mozilla.dev.security.policy forum led to the decision to keep this\n root included longer in order to give website administrators more time\n to update their web servers.\n - CN = GTE CyberTrust Global Root\n * In NSS 3.16.3, the 1024-bit &quot;Entrust.net Secure Server Certification\n Authority&quot; root CA certificate was removed. In NSS 3.16.4, a 2048-bit\n intermediate CA certificate has been included, without explicit trust.\n The intention is to mitigate the effects of the previous removal of\n the 1024-bit Entrust.net root certificate, because many public\n Internet sites still use the &quot;USERTrust Legacy Secure Server CA&quot;\n intermediate certificate that is signed by the 1024-bit Entrust.net\n root certificate. The inclusion of the intermediate certificate is a\n temporary measure to allow those sites to function, by allowing them\n to find a trust path to another 2048-bit root CA certificate. The\n temporarily included intermediate certificate expires November 1, 2015.\n\n * Firefox 31.1esr Firefox is updated from 24esr to 31esr as maintenance\n for version 24 stopped\n\n", "published": "2014-09-09T18:04:16", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00004.html", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2014-1505", "CVE-2014-1536", "CVE-2011-0061", "CVE-2011-0077", "CVE-2014-1513", "CVE-2012-0478", "CVE-2012-4193", "CVE-2012-0442", "CVE-2013-5601", "CVE-2013-1687", "CVE-2013-5612", "CVE-2013-1692", "CVE-2010-0654", "CVE-2012-1962", "CVE-2013-0743", "CVE-2012-0443", "CVE-2012-5842", "CVE-2012-4212", "CVE-2013-5595", "CVE-2010-0176", "CVE-2014-1530", "CVE-2011-0083", "CVE-2010-1203", "CVE-2013-1737", "CVE-2012-4214", "CVE-2008-1236", "CVE-2013-5611", "CVE-2012-1970", "CVE-2008-3835", "CVE-2013-1709", "CVE-2007-3738", "CVE-2012-3989", "CVE-2013-5616", "CVE-2013-1678", "CVE-2010-2762", "CVE-2012-5830", "CVE-2013-0763", "CVE-2014-1510", "CVE-2011-3026", "CVE-2012-0460", "CVE-2013-5613", "CVE-2012-1973", "CVE-2014-1522", "CVE-2011-3654", "CVE-2014-1567", "CVE-2012-1974", "CVE-2010-2766", "CVE-2012-4195", "CVE-2012-3986", "CVE-2013-0783", "CVE-2007-3734", "CVE-2011-2371", "CVE-2014-1481", "CVE-2013-1670", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2013-1719", "CVE-2012-3968", "CVE-2013-1725", "CVE-2012-3963", "CVE-2014-1539", "CVE-2010-0174", "CVE-2012-0452", "CVE-2013-1735", "CVE-2012-1956", "CVE-2014-1487", "CVE-2012-3978", "CVE-2012-3985", "CVE-2013-0746", "CVE-2012-5829", "CVE-2009-1571", "CVE-2012-1944", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2014-1538", "CVE-2012-4213", "CVE-2013-1685", "CVE-2012-0479", "CVE-2013-5609", "CVE-2007-3737", "CVE-2013-0766", "CVE-2007-3736", "CVE-2012-1940", "CVE-2013-1697", "CVE-2014-1484", "CVE-2014-1525", "CVE-2012-3993", "CVE-2013-5619", "CVE-2012-5837", "CVE-2008-5500", "CVE-2012-5836", "CVE-2014-1509", "CVE-2009-0772", "CVE-2013-0787", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2014-1494", "CVE-2014-1559", "CVE-2013-0747", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2014-1537", "CVE-2013-1694", "CVE-2014-1523", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2013-5615", "CVE-2013-1680", "CVE-2012-3962", "CVE-2012-0459", "CVE-2011-2362", "CVE-2014-1529", "CVE-2013-1724", "CVE-2010-1213", "CVE-2013-5597", "CVE-2012-5843", "CVE-2014-1543", "CVE-2014-1486", "CVE-2011-0085", "CVE-2013-5590", "CVE-2008-5510", "CVE-2011-0080", "CVE-2013-0780", "CVE-2008-5502", "CVE-2010-3765", "CVE-2013-1732", "CVE-2013-0744", "CVE-2013-0795", "CVE-2008-1237", "CVE-2013-1720", "CVE-2008-4070", "CVE-2013-0748", "CVE-2012-4183", "CVE-2010-3178", "CVE-2013-1679", "CVE-2007-3285", "CVE-2013-5610", "CVE-2013-0768", "CVE-2011-3661", "CVE-2012-4181", "CVE-2014-1532", "CVE-2013-6671", "CVE-2009-0040", "CVE-2011-3652", "CVE-2013-0755", "CVE-2008-4067", "CVE-2014-1548", "CVE-2011-2364", "CVE-2014-1531", "CVE-2013-0752", "CVE-2012-4186", "CVE-2014-1508", "CVE-2012-1948", "CVE-2008-5012", "CVE-2012-1938", "CVE-2013-0796", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2014-1502", "CVE-2013-1723", "CVE-2013-0782", "CVE-2012-1953", "CVE-2012-1949", "CVE-2014-1542", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3169", "CVE-2012-3970", "CVE-2011-0053", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2010-3768", "CVE-2014-1477", "CVE-2013-0800", "CVE-2010-1212", "CVE-2013-1681", "CVE-2010-1211", "CVE-2010-1121", "CVE-2013-0773", "CVE-2013-0754", "CVE-2010-3167", "CVE-2012-4202", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2014-1540", "CVE-2014-1534", "CVE-2012-1941", "CVE-2013-1738", "CVE-2014-1482", "CVE-2014-1479", "CVE-2008-4066", "CVE-2008-5018", "CVE-2012-3984", "CVE-2014-1504", "CVE-2012-0444", "CVE-2011-3650", "CVE-2014-1511", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2012-4182", "CVE-2008-1233", "CVE-2012-4187", "CVE-2012-3983", "CVE-2011-0062", "CVE-2008-0016", "CVE-2011-3101", "CVE-2010-3168", "CVE-2013-0788", "CVE-2013-1728", "CVE-2014-1545", "CVE-2010-0173", "CVE-2012-0472", "CVE-2013-5592", "CVE-2013-1730", "CVE-2008-4059", "CVE-2010-2764", "CVE-2014-1492", "CVE-2011-0081", "CVE-2009-0771", "CVE-2007-3670", "CVE-2012-1954", "CVE-2009-0774", "CVE-2014-1556", "CVE-2012-0461", "CVE-2011-2376", "CVE-2012-3958", "CVE-2012-0469", "CVE-2014-1563", "CVE-2014-1524", "CVE-2014-1512", "CVE-2012-1975", "CVE-2011-0075", "CVE-2013-1690", "CVE-2012-0464", "CVE-2013-0775", "CVE-2012-1967", "CVE-2013-5604", "CVE-2014-1514", "CVE-2010-3166", "CVE-2011-0074", "CVE-2013-0801", "CVE-2012-3956", "CVE-2010-2769", "CVE-2012-3982", "CVE-2009-3555", "CVE-2013-1714", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-5021", "CVE-2008-5017", "CVE-2013-0769", "CVE-2012-3966", "CVE-2013-0771", "CVE-2014-1490", "CVE-2012-5839", "CVE-2013-0757", "CVE-2014-1498", "CVE-2012-1961", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2014-1565", "CVE-2012-3967", "CVE-2013-0749", "CVE-2011-3651", "CVE-2008-4060", "CVE-2007-3656", "CVE-2008-1234", "CVE-2012-1951", "CVE-2012-0475", "CVE-2014-1555", "CVE-2014-1564", "CVE-2012-1952", "CVE-2010-1201", "CVE-2013-0761", "CVE-2013-1669", "CVE-2010-1585", "CVE-2012-3959", "CVE-2012-0455", "CVE-2014-1558", "CVE-2011-0084", "CVE-2012-0759", "CVE-2007-3089", "CVE-2014-1519", "CVE-2013-1701", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2013-1684", "CVE-2008-4058", "CVE-2012-4184", "CVE-2012-0447", "CVE-2014-1547", "CVE-2011-3232", "CVE-2012-4205", "CVE-2014-1480", "CVE-2014-1500", "CVE-2011-0069", "CVE-2013-6630", "CVE-2008-5022", "CVE-2008-5512", "CVE-2014-1497", "CVE-2013-5596", "CVE-2012-3992", "CVE-2008-1235", "CVE-2013-1676", "CVE-2013-0789", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2013-1675", "CVE-2014-1478", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-0445", "CVE-2012-0462", "CVE-2012-4217", "CVE-2013-1686", "CVE-2013-0745", "CVE-2013-0756", "CVE-2012-4218", "CVE-2013-0760", "CVE-2011-2377", "CVE-2014-1485", "CVE-2014-1493", "CVE-2007-3735", "CVE-2011-3000", "CVE-2010-2765", "CVE-2014-1544", "CVE-2010-2767", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2013-0767", "CVE-2010-3182", "CVE-2009-0776", "CVE-2013-5603", "CVE-2012-1959", "CVE-2011-2363", "CVE-2011-0070", "CVE-2013-1682", "CVE-2012-1947", "CVE-2013-6673", "CVE-2013-1674", "CVE-2013-0762", "CVE-2014-1562", "CVE-2010-3170", "CVE-2011-3005", "CVE-2012-4208", "CVE-2011-3658", "CVE-2014-1541", "CVE-2011-2373", "CVE-2008-5511", "CVE-2011-2992", "CVE-2014-1488", "CVE-2012-1957", "CVE-2012-1958", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2014-1552", "CVE-2010-3183", "CVE-2010-1202", "CVE-2012-0468", "CVE-2013-5599", "CVE-2014-1553", "CVE-2014-1549", "CVE-2013-1713", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2008-4061", "CVE-2013-5591", "CVE-2010-1199", "CVE-2012-4204", "CVE-2013-5602", "CVE-2011-2985", "CVE-2012-4192", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2013-0774", "CVE-2008-5024", "CVE-2013-0753", "CVE-2012-5833", "CVE-2014-1557", "CVE-2013-1736", "CVE-2014-1526", "CVE-2013-0776", "CVE-2012-3964", "CVE-2013-5593", "CVE-2014-1550", "CVE-2013-1718", "CVE-2012-5841", "CVE-2014-1533", "CVE-2013-1717", "CVE-2010-2754", "CVE-2008-5507", "CVE-2012-3990", "CVE-2014-1491", "CVE-2013-6672", "CVE-2013-5614", "CVE-2008-4065", "CVE-2013-1693", "CVE-2010-2760", "CVE-2013-0750", "CVE-2012-1937", "CVE-2014-1560", "CVE-2012-4215", "CVE-2013-6629", "CVE-2012-0463", "CVE-2013-1677", "CVE-2011-2991", "CVE-2013-0770", "CVE-2013-0793", "CVE-2012-4179", "CVE-2011-3001", "CVE-2014-1483", "CVE-2014-1489", "CVE-2011-3062", "CVE-2012-0477", "CVE-2013-1722", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2013-1710", "CVE-2012-0467", "CVE-2012-0458", "CVE-2013-0758", "CVE-2013-5600", "CVE-2010-2752", "CVE-2014-1499", "CVE-2014-1518", "CVE-2012-0471", "CVE-2012-3961", "CVE-2014-1561", "CVE-2012-3971", "CVE-2013-0764", "CVE-2014-1528", "CVE-2013-5618", "CVE-2011-0072"], "lastseen": "2016-09-04T12:21:58"}], "nessus": [{"id": "SUSE_MOZILLAFIREFOX-6867.NASL", "type": "nessus", "title": "SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6867)", "description": "Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159)\n\n - Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer. (MFSA 2010-02 / CVE-2010-0160)\n\n - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.\n (MFSA 2010-03 / CVE-2009-1571)\n\n - Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site. (MFSA 2010-04 / CVE-2009-3988)\n\nAn anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla.\n\n - Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an tag with type='image/svg+xml', the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy. (MFSA 2010-05 / CVE-2010-0162)", "published": "2010-10-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=49891", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-10-29T13:45:26"}, {"id": "DEBIAN_DSA-1999.NASL", "type": "nessus", "title": "Debian DSA-1999-1 : xulrunner - several vulnerabilities", "description": "Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-1571 Alin Rad Pop discovered that incorrect memory handling in the HTML parser could lead to the execution of arbitrary code.\n\n - CVE-2009-3988 Hidetake Jo discovered that the same-origin policy can be bypassed through window.dialogArguments.\n\n - CVE-2010-0159 Henri Sivonen, Boris Zbarsky, Zack Weinberg, Bob Clary, Martijn Wargers and Paul Nickerson reported crashes in layout engine, which might allow the execution of arbitrary code.\n\n - CVE-2010-0160 Orlando Barrera II discovered that incorrect memory handling in the implementation of the web worker API could lead to the execution of arbitrary code.\n\n - CVE-2010-0162 Georgi Guninski discovered that the same origin policy can be bypassed through specially crafted SVG documents.", "published": "2010-02-24T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44863", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-10-29T13:42:35"}, {"id": "FEDORA_2010-1727.NASL", "type": "nessus", "title": "Fedora 12 : blam-1.8.5-22.fc12 / firefox-3.5.8-1.fc12 / galeon-2.0.7-20.fc12 / etc (2010-1727)", "description": "Update to new upstream Firefox version 3.5.8, fixing multiple security issues detailed in the upstream advisories:\nhttp://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.8 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2010-07-01T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=47268", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-10-29T13:33:02"}, {"id": "SUSE_MOZILLAFIREFOX-6863.NASL", "type": "nessus", "title": "SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6863)", "description": "Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159)\n\n - Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer. (MFSA 2010-02 / CVE-2010-0160)\n\n - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.\n (MFSA 2010-03 / CVE-2009-1571)\n\n - Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site. (MFSA 2010-04 / CVE-2009-3988)\n\nAn anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla.\n\n - Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an tag with type='image/svg+xml', the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy. (MFSA 2010-05 / CVE-2010-0162)", "published": "2010-02-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44910", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-10-29T13:41:52"}, {"id": "UBUNTU_USN-896-1.NASL", "type": "nessus", "title": "Ubuntu 9.10 : firefox-3.5, xulrunner-1.9.1 vulnerabilities (USN-896-1)", "description": "Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0159)\n\nOrlando Barrera II discovered a flaw in the Web Workers implementation of Firefox. If a user were tricked into posting to a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0160)\n\nAlin Rad Pop discovered that Firefox's HTML parser would incorrectly free memory under certain circumstances. If the browser could be made to access these freed memory objects, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1571)\n\nHidetake Jo discovered that the showModalDialog in Firefox did not always honor the same-origin policy. An attacker could exploit this to run untrusted JavaScript from other domains. (CVE-2009-3988)\n\nGeorgi Guninski discovered that the same-origin check in Firefox could be bypassed by utilizing a crafted SVG image. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0162).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2010-02-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44656", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-10-29T13:42:07"}, {"id": "SUSE_11_0_MOZILLAFIREFOX-100223.NASL", "type": "nessus", "title": "openSUSE Security Update : MozillaFirefox (MozillaFirefox-2052)", "description": "Mozilla Firefox was upgraded to version 3.0.18, fixing various bugs and security issues.\n\nFollowing security issues have been fixed: MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.\n\nMFSA 2010-02 / CVE-2010-0160: Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer.\n\nMFSA 2010-03 / CVE-2009-1571: Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.\n\nMFSA 2010-04 / CVE-2009-3988: Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site.\n\nAn anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla.\n\nMFSA 2010-05 / CVE-2010-0162: Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an <embed> tag with type='image/svg+xml', the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy.", "published": "2010-02-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44899", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-10-29T13:41:48"}, {"id": "SUSE_MOZILLA-XULRUNNER190-6866.NASL", "type": "nessus", "title": "SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6866)", "description": "Mozilla XUL Runner engine 1.9.0 was upgraded to version 1.9.0.8, fixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159)\n\n - Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer. (MFSA 2010-02 / CVE-2010-0160)\n\n - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.\n (MFSA 2010-03 / CVE-2009-1571)\n\n - Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site. (MFSA 2010-04 / CVE-2009-3988)\n\nAn anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla.\n\n - Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an tag with type='image/svg+xml', the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy. (MFSA 2010-05 / CVE-2010-0162)", "published": "2010-10-11T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=49900", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-10-29T13:45:36"}, {"id": "SUSE_11_MOZILLAFIREFOX-100219.NASL", "type": "nessus", "title": "SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 2025)", "description": "Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2010-01 / CVE-2010-0159)\n\n - Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer. (MFSA 2010-02 / CVE-2010-0160)\n\n - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.\n (MFSA 2010-03 / CVE-2009-1571)\n\n - Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site. (MFSA 2010-04 / CVE-2009-3988)\n\nAn anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla.\n\n - Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an embed tag with type='image/svg+xml', the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy.\n (MFSA 2010-05 / CVE-2010-0162)", "published": "2010-02-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44907", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-10-29T13:35:05"}, {"id": "SUSE_11_2_MOZILLAFIREFOX-100218.NASL", "type": "nessus", "title": "openSUSE Security Update : MozillaFirefox (MozillaFirefox-2017)", "description": "Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs and security issues.\n\nFollowing security issues have been fixed: MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.\n\nMFSA 2010-02 / CVE-2010-0160: Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer.\n\nMFSA 2010-03 / CVE-2009-1571: Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called.\n\nMFSA 2010-04 / CVE-2009-3988: Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site.\n\nAn anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla.\n\nMFSA 2010-05 / CVE-2010-0162: Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an <embed> tag with type='image/svg+xml', the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy.", "published": "2010-02-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=44903", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-10-29T13:40:56"}, {"id": "FEDORA_2010-1932.NASL", "type": "nessus", "title": "Fedora 12 : seamonkey-2.0.3-1.fc12 (2010-1932)", "description": "Update to new upstream SeaMonkey version 2.0.3, fixing multiple security issues detailed in the upstream advisories:\nhttp://www.mozilla.org/security/known- vulnerabilities/seamonkey20.html#seamonkey2.0.3\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2010-07-01T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=47285", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2017-10-29T13:40:43"}], "ubuntu": [{"id": "USN-895-1", "type": "ubuntu", "title": "Firefox 3.0 and Xulrunner 1.9 vulnerabilities", "description": "Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0159)\n\nOrlando Barrera II discovered a flaw in the Web Workers implementation of Firefox. If a user were tricked into posting to a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0160)\n\nAlin Rad Pop discovered that Firefox\u2019s HTML parser would incorrectly free memory under certain circumstances. If the browser could be made to access these freed memory objects, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1571)\n\nHidetake Jo discovered that the showModalDialog in Firefox did not always honor the same-origin policy. An attacker could exploit this to run untrusted JavaScript from other domains. (CVE-2009-3988)\n\nGeorgi Guninski discovered that the same-origin check in Firefox could be bypassed by utilizing a crafted SVG image. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0162)", "published": "2010-02-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/895-1/", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2018-03-29T18:18:29"}, {"id": "USN-896-1", "type": "ubuntu", "title": "Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities", "description": "Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0159)\n\nOrlando Barrera II discovered a flaw in the Web Workers implementation of Firefox. If a user were tricked into posting to a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0160)\n\nAlin Rad Pop discovered that Firefox\u2019s HTML parser would incorrectly free memory under certain circumstances. If the browser could be made to access these freed memory objects, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1571)\n\nHidetake Jo discovered that the showModalDialog in Firefox did not always honor the same-origin policy. An attacker could exploit this to run untrusted JavaScript from other domains. (CVE-2009-3988)\n\nGeorgi Guninski discovered that the same-origin check in Firefox could be bypassed by utilizing a crafted SVG image. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0162)", "published": "2010-02-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/896-1/", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2018-03-29T18:17:27"}], "freebsd": [{"id": "F82C85D8-1C6E-11DF-ABB2-000F20797EDE", "type": "freebsd", "title": "mozilla -- multiple vulnerabilities", "description": "\nMozilla Project reports:\n\nMFSA 2010-05 XSS hazard using SVG document and binary Content-Type\nMFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain\nMFSA 2010-03 Use-after-free crash in HTML parser\nMFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability\nMFSA 2010-01 Crashes with evidence of memory corruption (rv:1.9.1.8/ 1.9.0.18)\n\n", "published": "2010-02-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vuxml.freebsd.org/freebsd/f82c85d8-1c6e-11df-abb2-000f20797ede.html", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2016-09-26T17:24:50"}], "debian": [{"id": "DSA-1999", "type": "debian", "title": "xulrunner -- several vulnerabilities", "description": "Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2009-1571](<https://security-tracker.debian.org/tracker/CVE-2009-1571>)\n\nAlin Rad Pop discovered that incorrect memory handling in the HTML parser could lead to the execution of arbitrary code.\n\n * [CVE-2009-3988](<https://security-tracker.debian.org/tracker/CVE-2009-3988>)\n\nHidetake Jo discovered that the same-origin policy can be bypassed through window.dialogArguments.\n\n * [CVE-2010-0159](<https://security-tracker.debian.org/tracker/CVE-2010-0159>)\n\nHenri Sivonen, Boris Zbarsky, Zack Weinberg, Bob Clary, Martijn Wargers and Paul Nickerson reported crashes in layout engine, which might allow the execution of arbitrary code.\n\n * [CVE-2010-0160](<https://security-tracker.debian.org/tracker/CVE-2010-0160>)\n\nOrlando Barrera II discovered that incorrect memory handling in the implementation of the web worker API could lead to the execution of arbitrary code.\n\n * [CVE-2010-0162](<https://security-tracker.debian.org/tracker/CVE-2010-0162>)\n\nGeorgi Guninski discovered that the same origin policy can be bypassed through specially crafted SVG documents.\n\nFor the stable distribution (lenny), these problems have been fixed in version 1.9.0.18-1.\n\nFor the unstable distribution (sid), these problems have been fixed in version 1.9.1.8-1.\n\nWe recommend that you upgrade your xulrunner packages.", "published": "2010-02-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-1999", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0162", "CVE-2009-3988"], "lastseen": "2016-09-02T18:34:07"}], "redhat": [{"id": "RHSA-2010:0112", "type": "redhat", "title": "(RHSA-2010:0112) Critical: firefox security update", "description": "Mozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nA use-after-free flaw was found in Firefox. Under low memory conditions,\nvisiting a web page containing malicious content could result in Firefox\nexecuting arbitrary code with the privileges of the user running Firefox.\n(CVE-2009-1571)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-0159, CVE-2010-0160)\n\nTwo flaws were found in the way certain content was processed. An attacker\ncould use these flaws to create a malicious web page that could bypass the\nsame-origin policy, or possibly run untrusted JavaScript. (CVE-2009-3988,\nCVE-2010-0162)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.18. You can find a link to the Mozilla\nadvisories in the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.18, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.", "published": "2010-02-17T05:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0112", "cvelist": ["CVE-2009-1571", "CVE-2009-3988", "CVE-2010-0159", "CVE-2010-0160", "CVE-2010-0162", "CVE-2010-0167", "CVE-2010-0169", "CVE-2010-0171"], "lastseen": "2017-09-09T07:19:16"}, {"id": "RHSA-2010:0113", "type": "redhat", "title": "(RHSA-2010:0113) Critical: seamonkey security update", "description": "SeaMonkey is an open source Web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nA use-after-free flaw was found in SeaMonkey. Under low memory conditions,\nvisiting a web page containing malicious content could result in SeaMonkey\nexecuting arbitrary code with the privileges of the user running SeaMonkey.\n(CVE-2009-1571)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nSeaMonkey. (CVE-2010-0159)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.", "published": "2010-02-17T05:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0113", "cvelist": ["CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0169", "CVE-2010-0171"], "lastseen": "2017-09-09T07:19:18"}, {"id": "RHSA-2010:0154", "type": "redhat", "title": "(RHSA-2010:0154) Moderate: thunderbird security update", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466,\nCVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159)\n\nA use-after-free flaw was found in Thunderbird. An attacker could use this\nflaw to crash Thunderbird or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2009-3077)\n\nA heap-based buffer overflow flaw was found in the Thunderbird string to\nfloating point conversion routines. An HTML mail message containing\nmalicious JavaScript could crash Thunderbird or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2009-0689)\n\nA use-after-free flaw was found in Thunderbird. Under low memory\nconditions, viewing an HTML mail message containing malicious content could\nresult in Thunderbird executing arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-1571)\n\nA flaw was found in the way Thunderbird created temporary file names for\ndownloaded files. If a local attacker knows the name of a file Thunderbird\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the way Thunderbird displayed a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differed from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that is different from what the user expected.\n(CVE-2009-3376)\n\nA flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A\nmalicious SOCKS5 server could send a specially-crafted reply that would\ncause Thunderbird to crash. (CVE-2009-2470)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were\nnot informative. An attacker able to trick a user into installing a\nmalicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it possible\nto trick the user into believing they are viewing trusted content or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2009-3076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "published": "2010-03-17T04:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0154", "cvelist": ["CVE-2009-0689", "CVE-2009-1571", "CVE-2009-2462", "CVE-2009-2463", "CVE-2009-2466", "CVE-2009-2470", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077", "CVE-2009-3274", "CVE-2009-3376", "CVE-2009-3380", "CVE-2009-3384", "CVE-2009-3979", "CVE-2010-0159", "CVE-2010-0163", "CVE-2010-0169", "CVE-2010-0171"], "lastseen": "2017-09-09T07:19:47"}, {"id": "RHSA-2010:0153", "type": "redhat", "title": "(RHSA-2010:0153) Moderate: thunderbird security update", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466,\nCVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159)\n\nA use-after-free flaw was found in Thunderbird. An attacker could use this\nflaw to crash Thunderbird or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2009-3077)\n\nA heap-based buffer overflow flaw was found in the Thunderbird string to\nfloating point conversion routines. An HTML mail message containing\nmalicious JavaScript could crash Thunderbird or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2009-0689)\n\nA use-after-free flaw was found in Thunderbird. Under low memory\nconditions, viewing an HTML mail message containing malicious content could\nresult in Thunderbird executing arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-1571)\n\nA flaw was found in the way Thunderbird created temporary file names for\ndownloaded files. If a local attacker knows the name of a file Thunderbird\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the way Thunderbird displayed a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differed from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that is different from what the user expected.\n(CVE-2009-3376)\n\nA flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A\nmalicious SOCKS5 server could send a specially-crafted reply that would\ncause Thunderbird to crash. (CVE-2009-2470)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were\nnot informative. An attacker able to trick a user into installing a\nmalicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it possible\nto trick the user into believing they are viewing trusted content or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2009-3076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "published": "2010-03-17T04:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0153", "cvelist": ["CVE-2009-0689", "CVE-2009-1571", "CVE-2009-2462", "CVE-2009-2463", "CVE-2009-2466", "CVE-2009-2470", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077", "CVE-2009-3274", "CVE-2009-3376", "CVE-2009-3380", "CVE-2009-3384", "CVE-2009-3979", "CVE-2010-0159", "CVE-2010-0163", "CVE-2010-0169", "CVE-2010-0171"], "lastseen": "2017-09-09T07:19:28"}], "oraclelinux": [{"id": "ELSA-2010-0112", "type": "oraclelinux", "title": "firefox security update", "description": "firefox:\n[3.0.18-1.0.1.el5_4]\n- Update firstrun and homepage URLs in specfile\n- Added patch oracle-firefox-branding.patch\n- Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html\n and removed the corresponding RedHat ones\n[3.0.18-1]\n- Update to 3.0.18\nxulrunner:\n[1.9.0.18-1.0.1.el5_4]\n- Added xulrunner-oracle-default-prefs.js and removed the corresponding\n RedHat one.\n[1.9.0.18-1]\n- Update to 1.9.0.18 ", "published": "2010-02-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0112.html", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0167", "CVE-2010-0162", "CVE-2010-0171", "CVE-2009-3988", "CVE-2010-0169"], "lastseen": "2016-09-04T11:17:01"}, {"id": "ELSA-2010-0113", "type": "oraclelinux", "title": "seamonkey security update", "description": "[1.0.9-52.0.1.el4_8]\n- Added mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html\n and removed corresponding RedHat ones\n[1.0.9-52.el4]\n- Added fixes from 1.9.0.18 ", "published": "2010-02-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0113.html", "cvelist": ["CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0171", "CVE-2010-0169"], "lastseen": "2016-09-04T11:16:12"}, {"id": "ELSA-2010-0154", "type": "oraclelinux", "title": "thunderbird security update", "description": "[1.5.0.12-25.0.1.el4]\n- Add thunderbird-oracle-default-prefs.js for errata rebuild and remove\n thunderbird-redhat-default-prefs.js\n- Replaced clean.gif in tarball\n[1.5.0.12-25]\n- Added patches from 2.0.0.24\n[1.5.0.12-24]\n- Update patchset to fix regression as per 1.9.0.13 ", "published": "2010-03-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0154.html", "cvelist": ["CVE-2009-2470", "CVE-2009-3076", "CVE-2009-3979", "CVE-2009-3376", "CVE-2009-1571", "CVE-2009-3274", "CVE-2010-0159", "CVE-2009-3380", "CVE-2009-3072", "CVE-2009-0689", "CVE-2009-2463", "CVE-2010-0171", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-3384", "CVE-2009-2466", "CVE-2009-3077", "CVE-2009-2462", "CVE-2010-0169"], "lastseen": "2016-09-04T11:17:11"}], "centos": [{"id": "CESA-2010:0112", "type": "centos", "title": "firefox, xulrunner security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0112\n\n\nMozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nA use-after-free flaw was found in Firefox. Under low memory conditions,\nvisiting a web page containing malicious content could result in Firefox\nexecuting arbitrary code with the privileges of the user running Firefox.\n(CVE-2009-1571)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-0159, CVE-2010-0160)\n\nTwo flaws were found in the way certain content was processed. An attacker\ncould use these flaws to create a malicious web page that could bypass the\nsame-origin policy, or possibly run untrusted JavaScript. (CVE-2009-3988,\nCVE-2010-0162)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.18. You can find a link to the Mozilla\nadvisories in the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.18, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-February/016507.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-February/016508.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-February/016525.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-February/016526.html\n\n**Affected packages:**\nfirefox\nxulrunner\nxulrunner-devel\nxulrunner-devel-unstable\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0112.html", "published": "2010-02-18T00:33:18", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-February/016507.html", "cvelist": ["CVE-2010-0160", "CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0167", "CVE-2010-0162", "CVE-2010-0171", "CVE-2009-3988", "CVE-2010-0169"], "lastseen": "2017-10-03T18:24:38"}, {"id": "CESA-2010:0113", "type": "centos", "title": "seamonkey security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0113\n\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nA use-after-free flaw was found in SeaMonkey. Under low memory conditions,\nvisiting a web page containing malicious content could result in SeaMonkey\nexecuting arbitrary code with the privileges of the user running SeaMonkey.\n(CVE-2009-1571)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nSeaMonkey. (CVE-2010-0159)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-February/016505.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-February/016506.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-February/016509.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-February/016510.html\n\n**Affected packages:**\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\nseamonkey-nspr\nseamonkey-nspr-devel\nseamonkey-nss\nseamonkey-nss-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0113.html", "published": "2010-02-18T00:29:51", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-February/016505.html", "cvelist": ["CVE-2009-1571", "CVE-2010-0159", "CVE-2010-0171", "CVE-2010-0169"], "lastseen": "2017-10-03T18:24:58"}, {"id": "CESA-2010:0154", "type": "centos", "title": "thunderbird security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0154\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466,\nCVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159)\n\nA use-after-free flaw was found in Thunderbird. An attacker could use this\nflaw to crash Thunderbird or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2009-3077)\n\nA heap-based buffer overflow flaw was found in the Thunderbird string to\nfloating point conversion routines. An HTML mail message containing\nmalicious JavaScript could crash Thunderbird or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2009-0689)\n\nA use-after-free flaw was found in Thunderbird. Under low memory\nconditions, viewing an HTML mail message containing malicious content could\nresult in Thunderbird executing arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-1571)\n\nA flaw was found in the way Thunderbird created temporary file names for\ndownloaded files. If a local attacker knows the name of a file Thunderbird\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the way Thunderbird displayed a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differed from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that is different from what the user expected.\n(CVE-2009-3376)\n\nA flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A\nmalicious SOCKS5 server could send a specially-crafted reply that would\ncause Thunderbird to crash. (CVE-2009-2470)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were\nnot informative. An attacker able to trick a user into installing a\nmalicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it possible\nto trick the user into believing they are viewing trusted content or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2009-3076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016576.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016577.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0154.html", "published": "2010-03-17T19:24:23", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016576.html", "cvelist": ["CVE-2009-2470", "CVE-2009-3076", "CVE-2009-3979", "CVE-2009-3376", "CVE-2009-1571", "CVE-2009-3274", "CVE-2010-0159", "CVE-2009-3380", "CVE-2009-3072", "CVE-2009-0689", "CVE-2009-2463", "CVE-2010-0171", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-3384", "CVE-2009-2466", "CVE-2009-3077", "CVE-2009-2462", "CVE-2010-0169"], "lastseen": "2017-10-03T18:25:07"}, {"id": "CESA-2010:0153", "type": "centos", "title": "thunderbird security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0153\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466,\nCVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159)\n\nA use-after-free flaw was found in Thunderbird. An attacker could use this\nflaw to crash Thunderbird or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2009-3077)\n\nA heap-based buffer overflow flaw was found in the Thunderbird string to\nfloating point conversion routines. An HTML mail message containing\nmalicious JavaScript could crash Thunderbird or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2009-0689)\n\nA use-after-free flaw was found in Thunderbird. Under low memory\nconditions, viewing an HTML mail message containing malicious content could\nresult in Thunderbird executing arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-1571)\n\nA flaw was found in the way Thunderbird created temporary file names for\ndownloaded files. If a local attacker knows the name of a file Thunderbird\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the way Thunderbird displayed a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differed from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that is different from what the user expected.\n(CVE-2009-3376)\n\nA flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A\nmalicious SOCKS5 server could send a specially-crafted reply that would\ncause Thunderbird to crash. (CVE-2009-2470)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were\nnot informative. An attacker able to trick a user into installing a\nmalicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it possible\nto trick the user into believing they are viewing trusted content or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2009-3076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016584.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/016585.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "published": "2010-03-26T21:37:29", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/016584.html", "cvelist": ["CVE-2009-2470", "CVE-2009-3076", "CVE-2009-3979", "CVE-2009-3376", "CVE-2009-1571", "CVE-2009-3274", "CVE-2010-0159", "CVE-2009-3380", "CVE-2009-3072", "CVE-2009-0689", "CVE-2009-2463", "CVE-2010-0171", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-3384", "CVE-2009-2466", "CVE-2009-3077", "CVE-2009-2462", "CVE-2010-0169"], "lastseen": "2017-10-03T18:24:42"}], "gentoo": [{"id": "GLSA-201301-01", "type": "gentoo", "title": "Mozilla Products: Multiple vulnerabilities", "description": "### Background\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the \u2018Mozilla Application Suite\u2019. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla\u2019s Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL\u2019s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser\u2019s font, conduct clickjacking attacks, or have other unspecified impact. \n\nA local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Mozilla Firefox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nAll users of the Mozilla Firefox binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nAll users of the Mozilla Thunderbird binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nAll Mozilla SeaMonkey users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-2.14-r1\"\n \n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-bin-2.14\"\n \n\nAll NSS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/nss-3.14\"\n \n\nThe \u201cwww-client/mozilla-firefox\u201d package has been merged into the \u201cwww-client/firefox\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox\u201d and then emerge the latest \u201cwww-client/firefox\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nThe \u201cwww-client/mozilla-firefox-bin\u201d package has been merged into the \u201cwww-client/firefox-bin\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox-bin\u201d and then emerge the latest \u201cwww-client/firefox-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox-bin\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird\u201d package has been merged into the \u201cmail-client/thunderbird\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird\u201d and then emerge the latest \u201cmail-client/thunderbird\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird\"\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird-bin\u201d package has been merged into the \u201cmail-client/thunderbird-bin\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird-bin\u201d and then emerge the latest \u201cmail-client/thunderbird-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird-bin\"\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nGentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: \n \n \n # emerge --unmerge \"www-client/icecat\"\n \n\nGentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner\"\n \n\nGentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner-bin\"", "published": "2013-01-08T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201301-01", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2009-0355", "CVE-2011-0061", "CVE-2011-0077", "CVE-2012-0478", "CVE-2012-4193", "CVE-2011-1202", "CVE-2012-0442", "CVE-2010-3772", "CVE-2011-0071", "CVE-2009-2470", "CVE-2010-0654", "CVE-2009-3388", "CVE-2012-1962", "CVE-2012-0443", "CVE-2011-3866", "CVE-2011-0068", "CVE-2012-5842", "CVE-2012-4212", "CVE-2009-2477", "CVE-2009-1563", "CVE-2010-0176", "CVE-2011-3640", "CVE-2011-0083", "CVE-2010-1203", "CVE-2009-3076", "CVE-2012-1970", "CVE-2009-3389", "CVE-2008-3835", "CVE-2012-3989", "CVE-2010-2762", "CVE-2012-5830", "CVE-2012-4210", "CVE-2009-1305", "CVE-2011-3026", "CVE-2009-3979", "CVE-2011-2370", "CVE-2012-0460", "CVE-2012-1973", "CVE-2009-3376", "CVE-2011-2369", "CVE-2011-2998", "CVE-2011-3654", "CVE-2011-2605", "CVE-2009-1833", "CVE-2010-0165", "CVE-2012-1974", "CVE-2010-0220", "CVE-2010-2766", "CVE-2011-2993", "CVE-2012-4195", "CVE-2010-0168", "CVE-2012-3986", "CVE-2010-0160", "CVE-2009-1169", "CVE-2011-2371", "CVE-2009-3379", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2012-5354", "CVE-2012-4206", "CVE-2009-3071", "CVE-2012-3968", "CVE-2010-1214", "CVE-2012-3963", "CVE-2010-0174", "CVE-2010-0172", "CVE-2009-2535", "CVE-2012-0452", "CVE-2009-1312", "CVE-2012-1956", "CVE-2012-3978", "CVE-2012-3985", "CVE-2011-2995", "CVE-2012-5829", "CVE-2009-1571", "CVE-2008-5505", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2009-2210", "CVE-2009-2478", "CVE-2008-6961", "CVE-2012-0479", "CVE-2012-0450", "CVE-2012-1940", "CVE-2012-3993", "CVE-2008-5500", "CVE-2012-5836", "CVE-2009-3274", "CVE-2010-1125", "CVE-2009-0772", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2010-3131", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2012-3976", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2010-0170", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2007-2436", "CVE-2012-3962", "CVE-2010-2770", "CVE-2010-3774", "CVE-2012-0459", "CVE-2011-2362", "CVE-2009-1304", "CVE-2010-1213", "CVE-2010-3177", "CVE-2012-5843", "CVE-2009-1835", "CVE-2011-0085", "CVE-2009-0352", "CVE-2009-3984", "CVE-2009-3380", "CVE-2008-5510", "CVE-2011-0080", "CVE-2012-1950", "CVE-2008-5502", "CVE-2009-3981", "CVE-2010-3765", "CVE-2010-0167", "CVE-2009-3373", "CVE-2009-3980", "CVE-2008-4070", "CVE-2012-4183", "CVE-2010-3178", "CVE-2012-1994", "CVE-2011-3661", "CVE-2009-3383", "CVE-2012-4181", "CVE-2011-3652", "CVE-2009-1311", "CVE-2011-1712", "CVE-2008-4067", "CVE-2010-1210", "CVE-2011-2364", "CVE-2009-2469", "CVE-2011-0073", "CVE-2010-1197", "CVE-2010-1207", "CVE-2009-0652", "CVE-2012-4186", "CVE-2012-1948", "CVE-2008-5012", "CVE-2011-2982", "CVE-2012-1938", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2009-1838", "CVE-2012-1953", "CVE-2008-5013", "CVE-2012-1949", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3773", "CVE-2009-1309", "CVE-2011-0079", "CVE-2010-3169", "CVE-2009-2662", "CVE-2012-3970", "CVE-2011-2997", "CVE-2011-0053", "CVE-2009-1832", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2012-1966", "CVE-2010-3768", "CVE-2009-3372", "CVE-2010-2763", "CVE-2011-0066", "CVE-2010-1212", "CVE-2009-1837", "CVE-2010-1206", "CVE-2010-1211", "CVE-2009-2464", "CVE-2011-2990", "CVE-2010-1121", "CVE-2009-0356", "CVE-2011-3389", "CVE-2010-0164", "CVE-2008-3836", "CVE-2010-3167", "CVE-2012-4202", "CVE-2007-2671", "CVE-2011-2984", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2009-3986", "CVE-2012-1941", "CVE-2009-2408", "CVE-2010-3399", "CVE-2009-2665", "CVE-2008-4066", "CVE-2008-5018", "CVE-2009-3978", "CVE-2012-3984", "CVE-2009-0354", "CVE-2009-3079", "CVE-2011-0056", "CVE-2012-0444", "CVE-2011-3650", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2010-1215", "CVE-2012-4182", "CVE-2011-2980", "CVE-2012-4187", "CVE-2008-4069", "CVE-2010-0166", "CVE-2011-3647", "CVE-2011-0065", "CVE-2011-0062", "CVE-2008-0016", "CVE-2009-0358", "CVE-2011-3101", "CVE-2010-3168", "CVE-2010-0173", "CVE-2009-1044", "CVE-2008-5513", "CVE-2008-4059", "CVE-2010-2764", "CVE-2011-0081", "CVE-2009-0771", "CVE-2009-1392", "CVE-2008-5504", "CVE-2008-5019", "CVE-2012-1954", "CVE-2009-0774", "CVE-2009-3375", "CVE-2012-0461", "CVE-2011-2376", "CVE-2009-2472", "CVE-2012-3958", "CVE-2009-0071", "CVE-2008-5023", "CVE-2012-0469", "CVE-2010-3171", "CVE-2009-3072", "CVE-2012-3973", "CVE-2008-5822", "CVE-2012-1975", "CVE-2011-0075", "CVE-2012-0464", "CVE-2012-1967", "CVE-2011-3653", "CVE-2010-0648", "CVE-2010-0178", "CVE-2010-3166", "CVE-2010-0177", "CVE-2011-0074", "CVE-2012-3956", "CVE-2010-2769", "CVE-2011-3649", "CVE-2012-3982", "CVE-2009-3555", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-3837", "CVE-2009-0357", "CVE-2008-5021", "CVE-2008-5017", "CVE-2012-3966", "CVE-2012-5839", "CVE-2011-2378", "CVE-2009-1308", "CVE-2010-3775", "CVE-2009-2467", "CVE-2012-1961", "CVE-2010-5074", "CVE-2011-2996", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2012-3967", "CVE-2011-3651", "CVE-2008-4060", "CVE-2010-0181", "CVE-2012-1951", "CVE-2012-0475", "CVE-2012-3965", "CVE-2012-1952", "CVE-2010-1201", "CVE-2011-4688", "CVE-2009-1306", "CVE-2010-1585", "CVE-2009-2479", "CVE-2012-3959", "CVE-2012-0455", "CVE-2009-0777", "CVE-2010-2755", "CVE-2011-0084", "CVE-2011-0051", "CVE-2010-3767", "CVE-2012-1939", "CVE-2009-1834", "CVE-2010-3771", "CVE-2010-0183", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2008-0367", "CVE-2008-4058", "CVE-2011-3002", "CVE-2012-4184", "CVE-2011-0057", "CVE-2012-0447", "CVE-2011-3232", "CVE-2008-5913", "CVE-2007-3073", "CVE-2012-4205", "CVE-2010-2751", "CVE-2009-1836", "CVE-2011-0069", "CVE-2008-5022", "CVE-2008-5512", "CVE-2012-3992", "CVE-2009-3374", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2011-3004", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2009-1839", "CVE-2012-1960", "CVE-2012-0445", "CVE-2009-3074", "CVE-2012-1965", "CVE-2011-3670", "CVE-2012-0462", "CVE-2010-1028", "CVE-2010-0162", "CVE-2011-2377", "CVE-2009-2463", "CVE-2009-2061", "CVE-2009-3070", "CVE-2012-3977", "CVE-2011-3000", "CVE-2010-2765", "CVE-2009-3069", "CVE-2010-0171", "CVE-2010-2767", "CVE-2009-0353", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2009-0775", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2009-2044", "CVE-2010-3182", "CVE-2009-0776", "CVE-2009-3371", "CVE-2009-3377", "CVE-2012-1959", "CVE-2011-2363", "CVE-2009-3075", "CVE-2010-0163", "CVE-2010-1208", "CVE-2011-0070", "CVE-2012-1947", "CVE-2009-1841", "CVE-2010-3170", "CVE-2011-3005", "CVE-2011-0059", "CVE-2012-1971", "CVE-2009-3983", "CVE-2012-4208", "CVE-2009-3987", "CVE-2011-3658", "CVE-2011-2373", "CVE-2008-5511", "CVE-2012-1957", "CVE-2012-1958", "CVE-2011-0054", "CVE-2012-4190", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2010-3183", "CVE-2009-2654", "CVE-2010-1202", "CVE-2012-0468", "CVE-2009-3982", "CVE-2009-3985", "CVE-2009-2065", "CVE-2009-1313", "CVE-2009-3382", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2010-3770", "CVE-2008-4061", "CVE-2010-1199", "CVE-2012-4204", "CVE-2008-0017", "CVE-2009-3988", "CVE-2010-3400", "CVE-2009-1302", "CVE-2011-2985", "CVE-2009-2466", "CVE-2012-4192", "CVE-2011-0058", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2008-5024", "CVE-2011-0076", "CVE-2007-2437", "CVE-2012-5833", "CVE-2011-2999", "CVE-2012-3964", "CVE-2012-5841", "CVE-2010-0179", "CVE-2010-1209", "CVE-2010-2754", "CVE-2008-5507", "CVE-2009-2471", "CVE-2012-3990", "CVE-2011-2375", "CVE-2010-1198", "CVE-2008-4065", "CVE-2009-1840", "CVE-2011-3665", "CVE-2009-3381", "CVE-2011-0067", "CVE-2010-2760", "CVE-2012-1937", "CVE-2012-4215", "CVE-2009-2043", "CVE-2009-1307", "CVE-2009-2664", "CVE-2012-0463", "CVE-2010-4508", "CVE-2009-1310", "CVE-2009-3077", "CVE-2011-3003", "CVE-2011-2991", "CVE-2008-5015", "CVE-2011-0082", "CVE-2011-2983", "CVE-2012-4179", "CVE-2008-4582", "CVE-2011-3001", "CVE-2012-1964", "CVE-2009-2462", "CVE-2009-3378", "CVE-2011-3062", "CVE-2009-1303", "CVE-2012-0477", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2009-2404", "CVE-2009-2465", "CVE-2012-0467", "CVE-2011-2981", "CVE-2012-0458", "CVE-2010-0169", "CVE-2010-2752", "CVE-2009-3078", "CVE-2012-0471", "CVE-2012-3961", "CVE-2010-3766", "CVE-2012-3971", "CVE-2008-5052", "CVE-2011-0055", "CVE-2009-1828", "CVE-2011-0072"], "lastseen": "2016-09-06T19:46:13"}], "seebug": [{"id": "SSV:19691", "type": "seebug", "title": "Firefox 3.6.3 (latest) &lt;= memory exhaustion crash vulnerabilities", "description": "No description provided by source.", "published": "2010-05-25T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-19691", "cvelist": ["CVE-2009-1571"], "lastseen": "2017-11-19T18:11:09"}, {"id": "SSV:19191", "type": "seebug", "title": "Firefox\u6d4f\u89c8\u5668\u5f15\u64ce\u8fdc\u7a0b\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "description": "BUGTRAQ ID: 38286\r\nCVE ID: CVE-2010-0159\r\n\r\nFirefox\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u5f00\u6e90WEB\u6d4f\u89c8\u5668\u3002\r\n\r\nFirefox\u6d4f\u89c8\u5668\u5f15\u64ce\u7684layout/generic/nsBlockFrame.cpp\u6587\u4ef6\u4e2d\u7684nsBlockFrame::StealFrame \u51fd\u6570\u4e2d\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\u3002\u7528\u6237\u53d7\u9a97\u8bbf\u95ee\u4e86\u6076\u610f\u7f51\u9875\u5c31\u53ef\u80fd\u89e6\u53d1\u8fd9\u4e2a\u6f0f\u6d1e\uff0c\u5bfc\u81f4\u6d4f\u89c8\u5668\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n\nMozilla Firefox 3.5.x\r\nMozilla Firefox 3.0.x\r\nMozilla Thunderbird 3.0\r\nMozilla SeaMonkey 2.0\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n* \u7981\u7528JavaScript\u3002\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nDebian\r\n------\r\nDebian\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08DSA-1999-1\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nDSA-1999-1\uff1aNew xulrunner packages fix several vulnerabilities\r\n\u94fe\u63a5\uff1ahttp://www.debian.org/security/2010/dsa-1999\r\n\r\n\u8865\u4e01\u4e0b\u8f7d\uff1a\r\n\r\nSource archives:\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.18-1.diff.gz\r\nSize/MD5 checksum: 116111 961d458012f83e32e0c3eb153359cc23\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.18.orig.tar.gz\r\nSize/MD5 checksum: 44161859 eeb10647fe0fe9a6b20cb725732b79a9\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.18-1.dsc\r\nSize/MD5 checksum: 1755 cbbc2a673c56439890e4c75c0062e06a\r\n\r\nArchitecture independent packages:\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.18-1_all.deb\r\nSize/MD5 checksum: 1465392 7874b2aefed84b79736a44ef0589b3e2\r\n\r\nalpha architecture (DEC Alpha)\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_alpha.deb\r\nSize/MD5 checksum: 3666096 3382b0eae2d985ae9bbcf16014806825\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_alpha.deb\r\nSize/MD5 checksum: 432294 c2ec2c14cabb28156734e9e6c96c84c5\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_alpha.deb\r\nSize/MD5 checksum: 112122 7d0db4c185015b0ec7caeb1e9843216c\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_alpha.deb\r\nSize/MD5 checksum: 163800 e31c406c36c7ea503f772dbebc7039ba\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_alpha.deb\r\nSize/MD5 checksum: 938384 af22c500dae1c84c661b0afa62b5fc2c\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_alpha.deb\r\nSize/MD5 checksum: 72604 4a6d162a104fd021e52e61bffe28d70e\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_alpha.deb\r\nSize/MD5 checksum: 223528 ebfeb23f90f207524d2b14c1ab25b742\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_alpha.deb\r\nSize/MD5 checksum: 51113942 62902bb1c3c8349090b9055d6efa1482\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_alpha.deb\r\nSize/MD5 checksum: 9501180 538eb45320247045794a15c4bd1071ac\r\n\r\namd64 architecture (AMD x86_64 (AMD64))\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_amd64.deb\r\nSize/MD5 checksum: 50351080 62a347648f988e78ca90d1d65be9ed13\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_amd64.deb\r\nSize/MD5 checksum: 101614 206328a373e5d2992ccb19ed064c8295\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_amd64.deb\r\nSize/MD5 checksum: 70008 41913d4df58730fe256a0bd480308d8e\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_amd64.deb\r\nSize/MD5 checksum: 223086 7eeb2da5ef7f96811b88e6cc97181a99\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_amd64.deb\r\nSize/MD5 checksum: 374298 b864e663810235886e5880c494043a01\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_amd64.deb\r\nSize/MD5 checksum: 890318 6fe29f796873ccdcfef29a98ca623b9c\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_amd64.deb\r\nSize/MD5 checksum: 7730124 0ccda6e5dbfac8f7d943b809ea6cb3dd\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_amd64.deb\r\nSize/MD5 checksum: 152064 f7f7bc816f78aed6b1afa7a9b42469b4\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_amd64.deb\r\nSize/MD5 checksum: 3290046 806026ede74d749bc3a900ff56371f18\r\n\r\narm architecture (ARM)\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_arm.deb\r\nSize/MD5 checksum: 350644 37e691c10c63e6b489e6540cdef420e2\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_arm.deb\r\nSize/MD5 checksum: 49307652 46a58ff355717da9e5ff845bcf9981b5\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_arm.deb\r\nSize/MD5 checksum: 68334 da39688fccc9ee6e5a166af30995fbde\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_arm.deb\r\nSize/MD5 checksum: 222152 8c0347c37daff67429faba68b94d12a3\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_arm.deb\r\nSize/MD5 checksum: 83992 85a600ebcf53662d7b43f1b06e3bf86a\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_arm.deb\r\nSize/MD5 checksum: 3583634 561e9b19477c0dc7a397fd068bf69230\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_arm.deb\r\nSize/MD5 checksum: 815240 8815149ae297fc80b6a6583a87129f71\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_arm.deb\r\nSize/MD5 checksum: 6797362 cb6388fb24c282d11557598dc5fdf67c\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_arm.deb\r\nSize/MD5 checksum: 140764 11c84fe62069de449a85b88a747ab55b\r\n\r\narmel architecture (ARM EABI)\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_armel.deb\r\nSize/MD5 checksum: 223466 9ca0da7a2de7faa57d73138f20eb1951\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_armel.deb\r\nSize/MD5 checksum: 6957582 15ac2699febcd1aa80eb5777b107f9a1\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_armel.deb\r\nSize/MD5 checksum: 50145544 ea9e32f6fdbbb13c6c13ceabd754fe46\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_armel.deb\r\nSize/MD5 checksum: 3581130 b848057bc9531db0d45f3e546b9008d2\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_armel.deb\r\nSize/MD5 checksum: 352992 88696f63901aad373381a57648ae5b97\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_armel.deb\r\nSize/MD5 checksum: 141322 ffb5f9bd526ae8332796af053ffa443f\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_armel.deb\r\nSize/MD5 checksum: 84358 83aa9d77331cacc83d499f051045e5f2\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_armel.deb\r\nSize/MD5 checksum: 822052 b1b624be2de8d879031968da29db1204\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_armel.deb\r\nSize/MD5 checksum: 69828 bf44c1a8dd3032732a5f095531bb60bc\r\n\r\nhppa architecture (HP PA RISC)\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_hppa.deb\r\nSize/MD5 checksum: 158562 0fc6d96735f5cf70d0c6919a8957b626\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_hppa.deb\r\nSize/MD5 checksum: 9515012 6ed8f49f167bb6ed571d69bb6b4e7e80\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_hppa.deb\r\nSize/MD5 checksum: 413118 1c44a3840c9d819df841c1364065ae51\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_hppa.deb\r\nSize/MD5 checksum: 899168 791aecc32ffad7c9c8a8e262d89e2f4c\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_hppa.deb\r\nSize/MD5 checksum: 51229704 feeafa3d9f4c2a019eb6d7d6ed86e384\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_hppa.deb\r\nSize/MD5 checksum: 223408 760eebdfd9d75de15598b6942c24ed58\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_hppa.deb\r\nSize/MD5 checksum: 72076 4c1af3bdcc34ed60fa67046f8c0f27b6\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_hppa.deb\r\nSize/MD5 checksum: 106790 34128b587f9bc4440273f2a9c50c60dd\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_hppa.deb\r\nSize/MD5 checksum: 3631216 879fb7d48fac57fb7cbc7b745aefc80a\r\n\r\ni386 architecture (Intel ia32)\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_i386.deb\r\nSize/MD5 checksum: 6602846 f4a442cd4340401eaf15b3789c6440a3\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_i386.deb\r\nSize/MD5 checksum: 221986 f5952c4ff53f23dcbb5e83d4a1dc735a\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_i386.deb\r\nSize/MD5 checksum: 68144 aa5b5b1f2bd1dd4dca1d6f23a1e77475\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_i386.deb\r\nSize/MD5 checksum: 82650 c92d7cdd88482af8d17372fb206a7771\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_i386.deb\r\nSize/MD5 checksum: 49521182 ab05f06480be3fccd20cdf24f3316170\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_i386.deb\r\nSize/MD5 checksum: 350912 5d04bea3ead683aa294c3c6a69ca51df\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_i386.deb\r\nSize/MD5 checksum: 3569664 9b88aef38d9c9afa92404e5a1aa1858a\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_i386.deb\r\nSize/MD5 checksum: 852056 fc6194c645bad45268962040cf2f741f\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_i386.deb\r\nSize/MD5 checksum: 140810 8bf780e4cd352063c1db860ba2ce6442\r\n\r\nia64 architecture (Intel ia64)\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_ia64.deb\r\nSize/MD5 checksum: 3399426 8368a170abe08b475502ffaa8f6ef01a\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_ia64.deb\r\nSize/MD5 checksum: 542202 f339fded4d5e1e72ce22a021a2e855c9\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_ia64.deb\r\nSize/MD5 checksum: 76590 31997304eef7aee61ff7cce784b64ee5\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_ia64.deb\r\nSize/MD5 checksum: 223218 27abf1d33790a29eeeed3ea4b4964a85\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_ia64.deb\r\nSize/MD5 checksum: 121604 ebce1c45860953d72149ea62df1c3614\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_ia64.deb\r\nSize/MD5 checksum: 811250 c05f1961aa895766395478b83ff2cc3c\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_ia64.deb\r\nSize/MD5 checksum: 11311038 012ce2b6d478aff1425ac67d7ab363f1\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_ia64.deb\r\nSize/MD5 checksum: 49702958 70229b141f044a4e9f9b59bd6bd76769\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_ia64.deb\r\nSize/MD5 checksum: 180270 33ec97ddc77999747ca8255fe6ca5b1e\r\n\r\nmips architecture (MIPS (Big Endian))\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_mips.deb\r\nSize/MD5 checksum: 51875290 249aa2adc5bc08d12d15c5ff31bb9677\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_mips.deb\r\nSize/MD5 checksum: 223132 c8aaf2d7fae0c056e36e1400d89626a6\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_mips.deb\r\nSize/MD5 checksum: 70216 11ff7e521c0a01fe591ccea2f854c983\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_mips.deb\r\nSize/MD5 checksum: 3616440 6f9099c4e119ad9417e723d8686d5047\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_mips.deb\r\nSize/MD5 checksum: 380320 3b48ef0b7b6fb5099c8289a1d034d66c\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_mips.deb\r\nSize/MD5 checksum: 97184 f1ce0ac5d9a06b8df3316679e727f3df\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_mips.deb\r\nSize/MD5 checksum: 7676832 f956e5bbe2f0b39127305a61656aed6a\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_mips.deb\r\nSize/MD5 checksum: 918340 900ca7652a94f3c85a256bbd1b9e44c3\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_mips.deb\r\nSize/MD5 checksum: 144712 43ea8dbcea280d63a42846dde20811d9\r\n\r\nmipsel architecture (MIPS (Little Endian))\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_mipsel.deb\r\nSize/MD5 checksum: 378688 823e2e84fb9f476a5362f7efe4e30777\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_mipsel.deb\r\nSize/MD5 checksum: 69948 31ec842502b7faf5dbecaa80ef2cbee1\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_mipsel.deb\r\nSize/MD5 checksum: 7379096 e48e59237114483e16f80d99dc76b2ba\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_mipsel.deb\r\nSize/MD5 checksum: 3310672 c1123f4d6e89997ddb4a09d428bbbf48\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_mipsel.deb\r\nSize/MD5 checksum: 900496 cda86c575da08ebd21bb6c6001f085cb\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_mipsel.deb\r\nSize/MD5 checksum: 145096 63bd9568ef5aaf9429c4e5b37b030c27\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_mipsel.deb\r\nSize/MD5 checksum: 49999804 682d85b71c822db082443d47bfa0dd50\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_mipsel.deb\r\nSize/MD5 checksum: 96850 23b2c1836a133774cc47868ebd2bf111\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_mipsel.deb\r\nSize/MD5 checksum: 223238 13d5d183ba4b9788153f285d67eded79\r\n\r\npowerpc architecture (PowerPC)\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_powerpc.deb\r\nSize/MD5 checksum: 7304358 74dd5ed0d04ececdc6e2918f2f9809ee\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_powerpc.deb\r\nSize/MD5 checksum: 152670 c96287c675dc73d15e15656996de1bb4\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_powerpc.deb\r\nSize/MD5 checksum: 3592560 a7e7dcd1332a7de0a851b108454c907d\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_powerpc.deb\r\nSize/MD5 checksum: 73424 46e45ae58cab7ced9fdea35598c65ec5\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_powerpc.deb\r\nSize/MD5 checksum: 223230 08d8ae57f6a060087dcdaf26e0680e32\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_powerpc.deb\r\nSize/MD5 checksum: 888386 db4e4b4915cdf22af9cb0f84ebf85d4d\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_powerpc.deb\r\nSize/MD5 checksum: 94424 55bf14bf0548eb0e378bd569dc19cb7d\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_powerpc.deb\r\nSize/MD5 checksum: 51424848 885ebada38e85a1ee012abb7d6eb73e5\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_powerpc.deb\r\nSize/MD5 checksum: 363422 320d25d4362871bd739d6612f6cecce2\r\n\r\ns390 architecture (IBM S/390)\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_s390.deb\r\nSize/MD5 checksum: 3307864 2933d8e82890dd74ede9b9c5146e7dbf\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_s390.deb\r\nSize/MD5 checksum: 406776 4ed85a0aff956abc622bc6886604fef9\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_s390.deb\r\nSize/MD5 checksum: 72972 57cd33e5a3eb33a193ed5e7b7f7d54eb\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_s390.deb\r\nSize/MD5 checksum: 156196 a130564911637e4f646bfc1a4b426210\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_s390.deb\r\nSize/MD5 checksum: 909430 287a6be6c2d44da44b5512b1865f05b6\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_s390.deb\r\nSize/MD5 checksum: 8396240 63a64bdb1c250679a39ac129e9f51740\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_s390.deb\r\nSize/MD5 checksum: 105630 8aae2a1d417e4a99c66fa96878881b62\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_s390.deb\r\nSize/MD5 checksum: 51200776 f7c31d337a4a5597637bc2e31e1ec0b7\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_s390.deb\r\nSize/MD5 checksum: 223216 cdf974bc762234a45aa5223d775de2c9\r\n\r\nsparc architecture (Sun SPARC/UltraSPARC)\r\n\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.18-1_sparc.deb\r\nSize/MD5 checksum: 143860 091ec390f015be3eba4c522c66ee51e3\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.18-1_sparc.deb\r\nSize/MD5 checksum: 821270 330960373dbb626d51d4149a81e24429\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.18-1_sparc.deb\r\nSize/MD5 checksum: 49375502 f6bec1eefff555877964ca0d5051ec98\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.18-1_sparc.deb\r\nSize/MD5 checksum: 3574148 98a929f2aa4dab1faee64e38b731ee59\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.18-1_sparc.deb\r\nSize/MD5 checksum: 69840 96c306ae02ba5538beca32315bd92b35\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.18-1_sparc.deb\r\nSize/MD5 checksum: 221208 99b117922e86cd870ac0ecd53af0ef2d\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.18-1_sparc.deb\r\nSize/MD5 checksum: 83804 7b0485601946739a0da66761c777eb53\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.18-1_sparc.deb\r\nSize/MD5 checksum: 350608 d7bb678be22d7d4e341535bc68ec8d2a\r\nhttp://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.18-1_sparc.deb\r\nSize/MD5 checksum: 7173326 9cc51c4ca3b567c93e30abd0bdd78dca\r\n\r\n\u8865\u4e01\u5b89\u88c5\u65b9\u6cd5\uff1a\r\n\r\n1. \u624b\u5de5\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u4e0b\u8f7d\u8865\u4e01\u8f6f\u4ef6\uff1a\r\n # wget url (url\u662f\u8865\u4e01\u4e0b\u8f7d\u94fe\u63a5\u5730\u5740)\r\n\r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6765\u5b89\u88c5\u8865\u4e01\uff1a \r\n # dpkg -i file.deb (file\u662f\u76f8\u5e94\u7684\u8865\u4e01\u540d)\r\n\r\n2. \u4f7f\u7528apt-get\u81ea\u52a8\u5b89\u88c5\u8865\u4e01\u5305\uff1a\r\n\r\n \u9996\u5148\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u66f4\u65b0\u5185\u90e8\u6570\u636e\u5e93\uff1a\r\n # apt-get update\r\n \r\n \u7136\u540e\uff0c\u4f7f\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u5b89\u88c5\u66f4\u65b0\u8f6f\u4ef6\u5305\uff1a\r\n # apt-get upgrade\r\n\r\nMozilla\r\n-------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.mozilla.org/\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2010:0112-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2010:0112-01\uff1aCritical: firefox security update\r\n\u94fe\u63a5\uff1ahttps://www.redhat.com/support/errata/RHSA-2010-0112.html\r\n\r\nUbuntu\r\n------\r\nUbuntu\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08USN-895-1\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nUSN-895-1\uff1afirefox-3.0, xulrunner-1.9 vulnerabilities\r\n\u94fe\u63a5\uff1ahttp://www.ubuntu.com/usn/USN-895-1", "published": "2010-02-26T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-19191", "cvelist": ["CVE-2010-0159"], "lastseen": "2017-11-19T18:14:40"}, {"id": "SSV:19160", "type": "seebug", "title": "Firefox showModalDialog()\u65b9\u6cd5\u8de8\u57df\u811a\u672c\u6267\u884c\u6f0f\u6d1e", "description": "CVE ID: CVE-2009-3988\r\n\r\nFirefox\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u5f00\u6e90WEB\u6d4f\u89c8\u5668\u3002\r\n\r\nFirefox\u7684\u540c\u6e90\u7b56\u7565\u5b9e\u73b0\u4e0a\u5b58\u5728\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u80fd\u901a\u8fc7\u4f7f\u7528showModalDialog() JavaScript\u65b9\u6cd5\u7ed5\u8fc7\u6743\u9650\u9650\u5236\uff0c\u83b7\u53d6\u5176\u4ed6\u6d4f\u89c8\u7f51\u9762\u7684\u4fe1\u606f\u3002\r\n\r\n\u5229\u7528\u6b64\u6f0f\u6d1e\u9700\u8981\u4e00\u5b9a\u7684\u7528\u6237\u4ea4\u4e92\u53d1\u751f\u3002\n\nMozilla Firefox 3.0.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMozilla\r\n-------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.mozilla.org/security/announce/2010/mfsa2010-04.html", "published": "2010-02-20T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.seebug.org/vuldb/ssvid-19160", "cvelist": ["CVE-2009-3988"], "lastseen": "2017-11-19T18:14:14"}]}}