Lucene search
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.SUSE_11_MOZILLAFIREFOX-090924.NASLHistoryOct 01, 2009 - 12:00 a.m.
SuSE 11 Security Update : Firefox (SAT Patch Number 1340)
2009-10-0100:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
30
This update brings Mozilla Firefox from the 3.0 stable branch to the current stable branch version 3.5.3.
It also fixes various security issues :
-
/ / CVE-2009-3075: Mozilla developers and community members identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073)
-
An anonymous security researcher, via TippingPoint’s Zero Day Initiative, reported that the columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. An attacker could potentially use this vulnerability to crash a victim’s browser and run arbitrary code on the victim’s computer. (MFSA 2009-49 / CVE-2009-3077)
-
Security researcher Juan Pablo Lopez Yacubian reported that the default Windows font used to render the locationbar and other text fields was improperly displaying certain Unicode characters with tall line-height. In such cases the tall line-height would cause the rest of the text in the input field to be scrolled vertically out of view. An attacker could use this vulnerability to prevent a user from seeing the URL of a malicious site. Corrie Sloot also independently reported this issue to Mozilla. (MFSA 2009-50 / CVE-2009-3078)
-
Mozilla security researcher moz_bug_r_a4 reported that the BrowserFeedWriter could be leveraged to run JavaScript code from web content with elevated privileges. Using this vulnerability, an attacker could construct an object containing malicious JavaScript and cause the FeedWriter to process the object, running the malicious code with chrome privileges. Thunderbird does not support the BrowserFeedWriter object and is not vulnerable in its default configuration. Thunderbird might be vulnerable if the user has installed any add-on which adds a similarly implemented feature and then enables JavaScript in mail messages. This is not the default setting and we strongly discourage users from running JavaScript in mail. (MFSA 2009-51 / CVE-2009-3079)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#
if (NASL_LEVEL < 3000) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(41955);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2009-3069", "CVE-2009-3070", "CVE-2009-3071", "CVE-2009-3072", "CVE-2009-3073", "CVE-2009-3075", "CVE-2009-3077", "CVE-2009-3078", "CVE-2009-3079");
script_name(english:"SuSE 11 Security Update : Firefox (SAT Patch Number 1340)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 11 host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"This update brings Mozilla Firefox from the 3.0 stable branch to the
current stable branch version 3.5.3.
It also fixes various security issues :
- / / CVE-2009-3075: Mozilla developers and community
members identified and fixed several stability bugs in
the browser engine used in Firefox and other
Mozilla-based products. Some of these crashes showed
evidence of memory corruption under certain
circumstances and we presume that with enough effort at
least some of these could be exploited to run arbitrary
code. (MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 /
CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073)
- An anonymous security researcher, via TippingPoint's
Zero Day Initiative, reported that the columns of a XUL
tree element could be manipulated in a particular way
which would leave a pointer owned by the column pointing
to freed memory. An attacker could potentially use this
vulnerability to crash a victim's browser and run
arbitrary code on the victim's computer. (MFSA 2009-49 /
CVE-2009-3077)
- Security researcher Juan Pablo Lopez Yacubian reported
that the default Windows font used to render the
locationbar and other text fields was improperly
displaying certain Unicode characters with tall
line-height. In such cases the tall line-height would
cause the rest of the text in the input field to be
scrolled vertically out of view. An attacker could use
this vulnerability to prevent a user from seeing the URL
of a malicious site. Corrie Sloot also independently
reported this issue to Mozilla. (MFSA 2009-50 /
CVE-2009-3078)
- Mozilla security researcher moz_bug_r_a4 reported that
the BrowserFeedWriter could be leveraged to run
JavaScript code from web content with elevated
privileges. Using this vulnerability, an attacker could
construct an object containing malicious JavaScript and
cause the FeedWriter to process the object, running the
malicious code with chrome privileges. Thunderbird does
not support the BrowserFeedWriter object and is not
vulnerable in its default configuration. Thunderbird
might be vulnerable if the user has installed any add-on
which adds a similarly implemented feature and then
enables JavaScript in mail messages. This is not the
default setting and we strongly discourage users from
running JavaScript in mail. (MFSA 2009-51 /
CVE-2009-3079)"
);
script_set_attribute(
attribute:"see_also",
value:"http://www.mozilla.org/security/announce/2009/mfsa2009-47.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://www.mozilla.org/security/announce/2009/mfsa2009-49.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://www.mozilla.org/security/announce/2009/mfsa2009-50.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://www.mozilla.org/security/announce/2009/mfsa2009-51.html"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=534458"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2009-3069.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2009-3070.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2009-3071.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2009-3072.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2009-3073.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2009-3075.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2009-3077.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2009-3078.html"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2009-3079.html"
);
script_set_attribute(attribute:"solution", value:"Apply SAT patch number 1340.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_cwe_id(20, 94);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-branding-SLED");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libfreebl3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-nspr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-nspr-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-nss");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-gnomevfs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-gnomevfs-32bit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-translations");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-translations-32bit");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"patch_publication_date", value:"2009/09/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/01");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
pl = get_kb_item("Host/SuSE/patchlevel");
if (pl) audit(AUDIT_OS_NOT, "SuSE 11.0");
flag = 0;
if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"MozillaFirefox-3.5.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"MozillaFirefox-branding-SLED-3.5-1.1.5")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"MozillaFirefox-translations-3.5.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"libfreebl3-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"mozilla-nspr-4.8-1.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"mozilla-nss-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"mozilla-nss-tools-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"mozilla-xulrunner191-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"mozilla-xulrunner191-gnomevfs-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"i586", reference:"mozilla-xulrunner191-translations-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"MozillaFirefox-3.5.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"MozillaFirefox-branding-SLED-3.5-1.1.5")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"MozillaFirefox-translations-3.5.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libfreebl3-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"libfreebl3-32bit-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-nspr-4.8-1.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-nspr-32bit-4.8-1.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-nss-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-nss-32bit-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-nss-tools-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner191-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner191-32bit-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner191-gnomevfs-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner191-gnomevfs-32bit-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner191-translations-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLED11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner191-translations-32bit-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, reference:"MozillaFirefox-3.5.3-1.1.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, reference:"MozillaFirefox-branding-SLED-3.5-1.1.5")) flag++;
if (rpm_check(release:"SLES11", sp:0, reference:"MozillaFirefox-translations-3.5.3-1.1.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, reference:"libfreebl3-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, reference:"mozilla-nspr-4.8-1.3.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, reference:"mozilla-nss-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, reference:"mozilla-nss-tools-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, reference:"mozilla-xulrunner191-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, reference:"mozilla-xulrunner191-gnomevfs-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, reference:"mozilla-xulrunner191-translations-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"libfreebl3-32bit-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"mozilla-nspr-32bit-4.8-1.3.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"mozilla-nss-32bit-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, cpu:"s390x", reference:"mozilla-xulrunner191-32bit-1.9.1.3-1.1.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"libfreebl3-32bit-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"mozilla-nspr-32bit-4.8-1.3.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"mozilla-nss-32bit-3.12.3.1-1.2.1")) flag++;
if (rpm_check(release:"SLES11", sp:0, cpu:"x86_64", reference:"mozilla-xulrunner191-32bit-1.9.1.3-1.1.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozillafirefox |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozillafirefox-branding-sled |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozillafirefox-translations |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:libfreebl3 |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozilla-nspr |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozilla-nspr-32bit |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozilla-nss |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit |
| novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3070
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3071
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3072
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3073
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3075
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3077
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3078
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3079
support.novell.com/security/cve/CVE-2009-3069.html
support.novell.com/security/cve/CVE-2009-3070.html
support.novell.com/security/cve/CVE-2009-3071.html
support.novell.com/security/cve/CVE-2009-3072.html
support.novell.com/security/cve/CVE-2009-3073.html
support.novell.com/security/cve/CVE-2009-3075.html
support.novell.com/security/cve/CVE-2009-3077.html
support.novell.com/security/cve/CVE-2009-3078.html
support.novell.com/security/cve/CVE-2009-3079.html
www.mozilla.org/security/announce/2009/mfsa2009-47.html
www.mozilla.org/security/announce/2009/mfsa2009-49.html
www.mozilla.org/security/announce/2009/mfsa2009-50.html
www.mozilla.org/security/announce/2009/mfsa2009-51.html
bugzilla.novell.com/show_bug.cgi?id=534458
Related
openvas
openvas
SLES11: Security update for Firefox
2009-10-11 00:00:00
SLES11: Security update for Firefox
2009-10-11 00:00:00
SLES11: Security update for Mozilla
2009-10-11 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: galeon-2.0.7-14.fc11
2009-09-11 23:33:35
[SECURITY] Fedora 11 Update: seahorse-plugins-2.26.2-5.fc11
2009-09-11 23:33:35
[SECURITY] Fedora 11 Update: chmsee-1.0.1-11.fc11
2009-09-11 23:33:35
nessus
nessus
securityvulns
securityvulns
Mozilla Firefox multiple security vulnerabilities
2009-09-11 00:00:00
Mozilla Foundation Security Advisory 2009-47
2009-09-10 00:00:00
Mozilla Foundation Security Advisory 2009-50
2009-09-10 00:00:00
freebsd
freebsd
mozilla firefox -- multiple vulnerabilities
2009-09-10 00:00:00
mozilla -- multiple vulnerabilities
2010-03-16 00:00:00
mozilla
mozilla
Crashes with evidence of memory corruption (rv:1.9.1.3/ 1.9.0.14) — Mozilla
2009-09-09 00:00:00
Location bar spoofing via tall line-height Unicode characters — Mozilla
2009-09-09 00:00:00
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2009-09-10 00:00:00
Thunderbird vulnerabilities
2010-03-18 00:00:00
osv
osv
xulrunner - several vulnerabilities
2009-09-14 00:00:00
centos
centos
firefox, nspr, xulrunner security update
2009-09-10 22:47:20
seamonkey security update
2009-09-10 22:51:03
seamonkey security update
2009-09-10 11:03:30
redhat
redhat
(RHSA-2009:1430) Critical: firefox security update
2009-09-09 00:00:00
(RHSA-2009:1431) Critical: seamonkey security update
2009-09-09 00:00:00
(RHSA-2009:1432) Critical: seamonkey security update
2009-09-09 00:00:00
debian
debian
[SECURITY] [DSA 1885-1] New xulrunner packages fix several vulnerabilities
2009-09-14 17:05:35
oraclelinux
oraclelinux
firefox security update
2009-09-10 00:00:00
seamonkey security update
2009-09-10 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-10-20 17:59:46
prion
prion
Memory corruption
2009-09-10 21:30:00
Memory corruption
2009-09-10 21:30:00
Memory corruption
2009-09-10 21:30:00
ubuntucve
ubuntucve
checkpoint_advisories
checkpoint_advisories
cve
cve
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:37:57
Arbitrary Code Execution
2020-04-10 00:37:56
Remote Code Execution (RCE)
2020-04-10 00:37:58
zdi
zdi
Mozilla Firefox TreeColumns Dangling Pointer Vulnerability
2009-09-10 00:00:00
Related for SUSE_11_MOZILLAFIREFOX-090924.NASL