Search...

Ubuntu 11.04 : Firefox vulnerabilities (USN-1121-1)

2011-06-13T00:00:00

ID UBUNTU_USN-1121-1.NASL
Type nessus
Reporter Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2019-09-19T00:00:00

Description

Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek discovered multiple memory vulnerabilities. An attacker could exploit these to possibly run arbitrary code as the user running Firefox. (CVE-2011-0079)

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. (CVE-2011-0081)

It was discovered that Firefox incorrectly handled certain JavaScript requests. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. (CVE-2011-0069)

Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. (CVE-2011-0070)

Chris Evans discovered a vulnerability in Firefox's XSLT generate-id() function. An attacker could possibly use this vulnerability to make other attacks more reliable. (CVE-2011-1202).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1121-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# &lt;http://www.ubuntu.com/usn/&gt;. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(55079);
  script_version("1.10");
  script_cvs_date("Date: 2019/09/19 12:54:27");

  script_cve_id("CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0079", "CVE-2011-0081", "CVE-2011-1202");
  script_xref(name:"USN", value:"1121-1");

  script_name(english:"Ubuntu 11.04 : Firefox vulnerabilities (USN-1121-1)");
  script_summary(english:"Checks dpkg output for updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Ubuntu host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted
Mielczarek discovered multiple memory vulnerabilities. An attacker
could exploit these to possibly run arbitrary code as the user running
Firefox. (CVE-2011-0079)

It was discovered that there was a vulnerability in the memory
handling of certain types of content. An attacker could exploit this
to possibly run arbitrary code as the user running Firefox.
(CVE-2011-0081)

It was discovered that Firefox incorrectly handled certain JavaScript
requests. An attacker could exploit this to possibly run arbitrary
code as the user running Firefox. (CVE-2011-0069)

Ian Beer discovered a vulnerability in the memory handling of a
certain types of documents. An attacker could exploit this to possibly
run arbitrary code as the user running Firefox. (CVE-2011-0070)

Chris Evans discovered a vulnerability in Firefox's XSLT generate-id()
function. An attacker could possibly use this vulnerability to make
other attacks more reliable. (CVE-2011-1202).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/1121-1/"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected firefox package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:firefox");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.04");

  script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/04/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/13");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(11\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 11.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"11.04", pkgname:"firefox", pkgver:"4.0.1+build1+nobinonly-0ubuntu0.11.04.1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "firefox");
}

JSON Vulners Source

Initial Source

{"id": "UBUNTU_USN-1121-1.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "Ubuntu 11.04 : Firefox vulnerabilities (USN-1121-1)", "description": "Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek discovered multiple memory vulnerabilities. An attacker could exploit these to possibly run arbitrary code as the user running Firefox. (CVE-2011-0079)\n\nIt was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Firefox.\n(CVE-2011-0081)\n\nIt was discovered that Firefox incorrectly handled certain JavaScript requests. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. (CVE-2011-0069)\n\nIan Beer discovered a vulnerability in the memory handling of a certain types of documents. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. (CVE-2011-0070)\n\nChris Evans discovered a vulnerability in Firefox's XSLT generate-id() function. An attacker could possibly use this vulnerability to make other attacks more reliable. (CVE-2011-1202).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2011-06-13T00:00:00", "modified": "2019-09-19T00:00:00", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/55079", "reporter": "Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070", "https://usn.ubuntu.com/1121-1/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0081", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0079", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069"], "cvelist": ["CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0079", "CVE-2011-0081", "CVE-2011-1202"], "immutableFields": [], "lastseen": "2021-08-19T13:00:43", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2012-123"]}, {"type": "android", "idList": ["ANDROID:ANDROID_BROWSER_EXPLOIT_WEBKIT"]}, {"type": "centos", "idList": ["CESA-2011:0471", "CESA-2012:1265"]}, {"type": "cve", "idList": ["CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0079", "CVE-2011-0081", "CVE-2011-0195", "CVE-2011-1202", "CVE-2011-1713"]}, {"type": "debian", "idList": ["DEBIAN:BSA-034:9DF39", "DEBIAN:DSA-2227-1:C543D", "DEBIAN:DSA-2228-1:3272E", "DEBIAN:DSA-2235-1:7DA12"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-1202"]}, {"type": "fedora", "idList": ["FEDORA:498E820A9F", "FEDORA:6829022A44", "FEDORA:C70C120226"]}, {"type": "gentoo", "idList": ["GLSA-201301-01"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2011-0081/", "MSF:ILITIES/GENTOO-LINUX-CVE-2011-0070/", "MSF:ILITIES/GENTOO-LINUX-CVE-2011-0079/", "MSF:ILITIES/GENTOO-LINUX-CVE-2011-0081/", "MSF:ILITIES/SUSE-CVE-2011-0081/"]}, {"type": "mozilla", "idList": ["MFSA2011-12", "MFSA2011-18"]}, {"type": "nessus", "idList": ["5812.PASL", "5900.PRM", "5901.PRM", "5902.PRM", "5903.PRM", "5904.PRM", "800960.PRM", "801238.PRM", "801247.PRM", "801264.PRM", "801271.PRM", "801324.PRM", "ALA_ALAS-2012-123.NASL", "CENTOS_RHSA-2011-0471.NASL", "CENTOS_RHSA-2012-1265.NASL", "DEBIAN_DSA-2227.NASL", "DEBIAN_DSA-2228.NASL", "DEBIAN_DSA-2235.NASL", "FEDORA_2012-14048.NASL", "FEDORA_2012-14083.NASL", "FEDORA_2012-15716.NASL", "GENTOO_GLSA-201301-01.NASL", "GOOGLE_CHROME_10_0_648_127.NASL", "MANDRIVA_MDVSA-2011-079.NASL", "MANDRIVA_MDVSA-2011-080.NASL", "MANDRIVA_MDVSA-2012-164.NASL", "MOZILLA_FIREFOX_3519.NASL", "MOZILLA_FIREFOX_3617.NASL", "MOZILLA_FIREFOX_401.NASL", "MOZILLA_THUNDERBIRD_3110.NASL", "ORACLELINUX_ELSA-2011-0471.NASL", "ORACLELINUX_ELSA-2011-0475.NASL", "ORACLELINUX_ELSA-2012-1265.NASL", "REDHAT-RHSA-2011-0471.NASL", "REDHAT-RHSA-2011-0475.NASL", "REDHAT-RHSA-2012-1265.NASL", "SEAMONKEY_2014.NASL", "SL_20110428_FIREFOX_ON_SL4_X.NASL", "SL_20110428_THUNDERBIRD_ON_SL6_X.NASL", "SL_20120913_LIBXSLT_ON_SL5_X.NASL", "SOLARIS11_LIBXSLT_20140114_2.NASL", "SUSE_11_2_MOZILLA-XULRUNNER191-110429.NASL", "SUSE_11_2_MOZILLAFIREFOX-110429.NASL", "SUSE_11_2_MOZILLATHUNDERBIRD-110429.NASL", "SUSE_11_2_SEAMONKEY-110429.NASL", "SUSE_11_3_MOZILLA-XULRUNNER191-110429.NASL", "SUSE_11_3_MOZILLAFIREFOX-110429.NASL", "SUSE_11_3_MOZILLATHUNDERBIRD-110429.NASL", "SUSE_11_3_SEAMONKEY-110429.NASL", "SUSE_11_4_MOZILLA-JS192-110429.NASL", "SUSE_11_4_MOZILLAFIREFOX-110429.NASL", "SUSE_11_4_MOZILLATHUNDERBIRD-110429.NASL", "SUSE_11_4_SEAMONKEY-110429.NASL", "SUSE_11_MOZILLA-XULRUNNER191-110429.NASL", "SUSE_11_MOZILLAFIREFOX-110429.NASL", "SUSE_MOZILLA-XULRUNNER191-7492.NASL", "SUSE_MOZILLA-XULRUNNER191-7493.NASL", "SUSE_MOZILLAFIREFOX-7490.NASL", "SUSE_MOZILLAFIREFOX-7491.NASL", "UBUNTU_USN-1112-1.NASL", "UBUNTU_USN-1122-1.NASL", "UBUNTU_USN-1122-2.NASL", "UBUNTU_USN-1122-3.NASL", "UBUNTU_USN-1123-1.NASL", "UBUNTU_USN-1595-1.NASL", "VMWARE_ESXI_5_1_BUILD_1063671_REMOTE.NASL", "VMWARE_ESX_VMSA-2013-0001_REMOTE.NASL", "VMWARE_VMSA-2013-0001.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:103655", "OPENVAS:1361412562310103655", "OPENVAS:1361412562310120479", "OPENVAS:1361412562310121000", "OPENVAS:1361412562310122184", "OPENVAS:1361412562310122186", "OPENVAS:1361412562310123820", "OPENVAS:136141256231069570", "OPENVAS:136141256231069573", "OPENVAS:136141256231069590", "OPENVAS:136141256231069731", "OPENVAS:1361412562310801762", "OPENVAS:1361412562310801763", "OPENVAS:1361412562310801884", "OPENVAS:1361412562310801886", "OPENVAS:1361412562310801887", "OPENVAS:1361412562310831383", "OPENVAS:1361412562310831384", "OPENVAS:1361412562310831387", "OPENVAS:1361412562310831746", "OPENVAS:1361412562310840635", "OPENVAS:1361412562310840640", "OPENVAS:1361412562310840642", "OPENVAS:1361412562310840650", "OPENVAS:1361412562310840652", "OPENVAS:1361412562310840675", "OPENVAS:1361412562310841174", "OPENVAS:1361412562310850166", "OPENVAS:1361412562310850607", "OPENVAS:1361412562310864750", "OPENVAS:1361412562310864756", "OPENVAS:1361412562310870425", "OPENVAS:1361412562310870601", "OPENVAS:1361412562310870826", "OPENVAS:1361412562310880513", "OPENVAS:1361412562310880561", "OPENVAS:1361412562310881346", "OPENVAS:1361412562310881393", "OPENVAS:1361412562310881491", "OPENVAS:1361412562310881494", "OPENVAS:69570", "OPENVAS:69573", "OPENVAS:69590", "OPENVAS:69731", "OPENVAS:801762", "OPENVAS:801763", "OPENVAS:801884", "OPENVAS:801886", "OPENVAS:801887", "OPENVAS:831383", "OPENVAS:831384", "OPENVAS:831387", "OPENVAS:831746", "OPENVAS:840635", "OPENVAS:840640", "OPENVAS:840642", "OPENVAS:840650", "OPENVAS:840652", "OPENVAS:840675", "OPENVAS:841174", "OPENVAS:850166", "OPENVAS:864750", "OPENVAS:864756", "OPENVAS:870425", "OPENVAS:870601", "OPENVAS:870826", "OPENVAS:880513", "OPENVAS:880561", "OPENVAS:881346", "OPENVAS:881393", "OPENVAS:881491", "OPENVAS:881494"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0471", "ELSA-2011-0475", "ELSA-2012-1265"]}, {"type": "redhat", "idList": ["RHSA-2011:0471", "RHSA-2011:0475", "RHSA-2012:1265", "RHSA-2012:1325"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26237", "SECURITYVULNS:DOC:26243", "SECURITYVULNS:DOC:28605", "SECURITYVULNS:VULN:11633", "SECURITYVULNS:VULN:12615"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:1100-1", "SUSE-SA:2011:022"]}, {"type": "ubuntu", "idList": ["USN-1112-1", "USN-1121-1", "USN-1122-1", "USN-1122-2", "USN-1122-3", "USN-1123-1", "USN-1595-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-0069", "UB:CVE-2011-0070", "UB:CVE-2011-0079", "UB:CVE-2011-0081", "UB:CVE-2011-1202"]}, {"type": "vmware", "idList": ["VMSA-2013-0001", "VMSA-2013-0001.5"]}]}, "score": {"value": 8.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2011:0471", "CESA-2012:1265"]}, {"type": "cve", "idList": ["CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0079", "CVE-2011-0081", "CVE-2011-1202"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2228-1:3272E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-1202"]}, {"type": "fedora", "idList": ["FEDORA:498E820A9F"]}, {"type": "gentoo", "idList": ["GLSA-201301-01"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/GENTOO-LINUX-CVE-2011-0079/"]}, {"type": "mozilla", "idList": ["MFSA2011-12"]}, {"type": "nessus", "idList": ["FEDORA_2012-14083.NASL", "SUSE_11_3_MOZILLA-XULRUNNER191-110429.NASL", "SUSE_11_3_MOZILLAFIREFOX-110429.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310840652", "OPENVAS:1361412562310870601", "OPENVAS:801886", "OPENVAS:831746", "OPENVAS:840652", "OPENVAS:880561"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0471", "ELSA-2011-0475"]}, {"type": "redhat", "idList": ["RHSA-2011:0471"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28605"]}, {"type": "ubuntu", "idList": ["USN-1122-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-0079", "UB:CVE-2011-0081"]}, {"type": "vmware", "idList": ["VMSA-2013-0001"]}]}, "exploitation": null, "vulnersScore": 8.6}, "pluginID": "55079", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1121-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55079);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0079\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_xref(name:\"USN\", value:\"1121-1\");\n\n script_name(english:\"Ubuntu 11.04 : Firefox vulnerabilities (USN-1121-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted\nMielczarek discovered multiple memory vulnerabilities. An attacker\ncould exploit these to possibly run arbitrary code as the user running\nFirefox. (CVE-2011-0079)\n\nIt was discovered that there was a vulnerability in the memory\nhandling of certain types of content. An attacker could exploit this\nto possibly run arbitrary code as the user running Firefox.\n(CVE-2011-0081)\n\nIt was discovered that Firefox incorrectly handled certain JavaScript\nrequests. An attacker could exploit this to possibly run arbitrary\ncode as the user running Firefox. (CVE-2011-0069)\n\nIan Beer discovered a vulnerability in the memory handling of a\ncertain types of documents. An attacker could exploit this to possibly\nrun arbitrary code as the user running Firefox. (CVE-2011-0070)\n\nChris Evans discovered a vulnerability in Firefox's XSLT generate-id()\nfunction. An attacker could possibly use this vulnerability to make\nother attacks more reliable. (CVE-2011-1202).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1121-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"firefox\", pkgver:\"4.0.1+build1+nobinonly-0ubuntu0.11.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:firefox", "cpe:/o:canonical:ubuntu_linux:11.04"], "solution": "Update the affected firefox package.", "nessusSeverity": "Critical", "cvssScoreSource": "", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2011-04-29T00:00:00", "vulnerabilityPublicationDate": "2011-03-10T00:00:00", "exploitableWith": [], "_state": {"dependencies": 1647589307, "score": 0}}

{"ubuntu": [{"lastseen": "2022-01-04T13:13:38", "description": "Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek \ndiscovered multiple memory vulnerabilities. An attacker could exploit these \nto possibly run arbitrary code as the user running Firefox. (CVE-2011-0079)\n\nIt was discovered that there was a vulnerability in the memory handling of \ncertain types of content. An attacker could exploit this to possibly run \narbitrary code as the user running Firefox. (CVE-2011-0081)\n\nIt was discovered that Firefox incorrectly handled certain JavaScript \nrequests. An attacker could exploit this to possibly run arbitrary code as \nthe user running Firefox. (CVE-2011-0069)\n\nIan Beer discovered a vulnerability in the memory handling of a certain \ntypes of documents. An attacker could exploit this to possibly run \narbitrary code as the user running Firefox. (CVE-2011-0070)\n\nChris Evans discovered a vulnerability in Firefox's XSLT generate-id() \nfunction. An attacker could possibly use this vulnerability to make other \nattacks more reliable. (CVE-2011-1202)\n", "cvss3": {}, "published": "2011-04-30T00:00:00", "type": "ubuntu", "title": "Firefox vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0081", "CVE-2011-0079", "CVE-2011-1202", "CVE-2011-0069", "CVE-2011-0070"], "modified": "2011-04-30T00:00:00", "id": "USN-1121-1", "href": "https://ubuntu.com/security/notices/USN-1121-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:13:30", "description": "USN-1122-1 fixed vulnerabilities in Thunderbird for Lucid and Maverick. \nThis update provides the corresponding fixes for Natty.\n\nOriginal advisory details:\n\nIt was discovered that there was a vulnerability in the memory handling of \ncertain types of content. An attacker could exploit this to possibly run \narbitrary code as the user running Thunderbird. (CVE-2011-0081)\n\nIt was discovered that Thunderbird incorrectly handled certain JavaScript \nrequests. If JavaScript were enabled, an attacker could exploit this to \npossibly run arbitrary code as the user running Thunderbird. \n(CVE-2011-0069)\n\nIan Beer discovered a vulnerability in the memory handling of a certain \ntypes of documents. An attacker could exploit this to possibly run \narbitrary code as the user running Thunderbird. (CVE-2011-0070)\n\nBob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman \ndiscovered several memory vulnerabilities. An attacker could exploit these \nto possibly run arbitrary code as the user running Thunderbird. \n(CVE-2011-0080)\n\nAki Helin discovered multiple vulnerabilities in the HTML rendering code. \nAn attacker could exploit these to possibly run arbitrary code as the user \nrunning Thunderbird. (CVE-2011-0074, CVE-2011-0075)\n\nIan Beer discovered multiple overflow vulnerabilities. An attacker could \nexploit these to possibly run arbitrary code as the user running \nThunderbird. (CVE-2011-0077, CVE-2011-0078)\n\nMartin Barbella discovered a memory vulnerability in the handling of \ncertain DOM elements. An attacker could exploit this to possibly run \narbitrary code as the user running Thunderbird. (CVE-2011-0072)\n\nIt was discovered that there were use-after-free vulnerabilities in \nThunderbird's mChannel and mObserverList objects. An attacker could exploit \nthese to possibly run arbitrary code as the user running Thunderbird. \n(CVE-2011-0065, CVE-2011-0066)\n\nIt was discovered that there was a vulnerability in the handling of the \nnsTreeSelection element. An attacker sending a specially crafted E-Mail \ncould exploit this to possibly run arbitrary code as the user running \nThunderbird. (CVE-2011-0073)\n\nPaul Stone discovered a vulnerability in the handling of Java applets. If \nplugins were enabled, an attacker could use this to mimic interaction with \nform autocomplete controls and steal entries from the form history. \n(CVE-2011-0067)\n\nSoroush Dalili discovered a vulnerability in the resource: protocol. This \ncould potentially allow an attacker to load arbitrary files that were \naccessible to the user running Thunderbird. (CVE-2011-0071)\n\nChris Evans discovered a vulnerability in Thunderbird's XSLT generate-id() \nfunction. An attacker could possibly use this vulnerability to make other \nattacks more reliable. (CVE-2011-1202)\n", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "ubuntu", "title": "Thunderbird vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0071", "CVE-2011-0078", "CVE-2011-0081", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0067", "CVE-2011-0065", "CVE-2011-0080", "CVE-2011-0070", "CVE-2011-0073", "CVE-2011-1202", "CVE-2011-0072", "CVE-2011-0077", "CVE-2011-0069", "CVE-2011-0066"], "modified": "2011-05-05T00:00:00", "id": "USN-1122-2", "href": "https://ubuntu.com/security/notices/USN-1122-2", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:13:29", "description": "It was discovered that there was a vulnerability in the memory handling of \ncertain types of content. An attacker could exploit this to possibly run \narbitrary code as the user running Thunderbird. (CVE-2011-0081)\n\nIt was discovered that Thunderbird incorrectly handled certain JavaScript \nrequests. If JavaScript were enabled, an attacker could exploit this to \npossibly run arbitrary code as the user running Thunderbird. \n(CVE-2011-0069)\n\nIan Beer discovered a vulnerability in the memory handling of a certain \ntypes of documents. An attacker could exploit this to possibly run \narbitrary code as the user running Thunderbird. (CVE-2011-0070)\n\nBob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman \ndiscovered several memory vulnerabilities. An attacker could exploit these \nto possibly run arbitrary code as the user running Thunderbird. \n(CVE-2011-0080)\n\nAki Helin discovered multiple vulnerabilities in the HTML rendering code. \nAn attacker could exploit these to possibly run arbitrary code as the user \nrunning Thunderbird. (CVE-2011-0074, CVE-2011-0075)\n\nIan Beer discovered multiple overflow vulnerabilities. An attacker could \nexploit these to possibly run arbitrary code as the user running \nThunderbird. (CVE-2011-0077, CVE-2011-0078)\n\nMartin Barbella discovered a memory vulnerability in the handling of \ncertain DOM elements. An attacker could exploit this to possibly run \narbitrary code as the user running Thunderbird. (CVE-2011-0072)\n\nIt was discovered that there were use-after-free vulnerabilities in \nThunderbird's mChannel and mObserverList objects. An attacker could exploit \nthese to possibly run arbitrary code as the user running Thunderbird. \n(CVE-2011-0065, CVE-2011-0066)\n\nIt was discovered that there was a vulnerability in the handling of the \nnsTreeSelection element. An attacker sending a specially crafted E-Mail \ncould exploit this to possibly run arbitrary code as the user running \nThunderbird. (CVE-2011-0073)\n\nPaul Stone discovered a vulnerability in the handling of Java applets. If \nplugins were enabled, an attacker could use this to mimic interaction with \nform autocomplete controls and steal entries from the form history. \n(CVE-2011-0067)\n\nSoroush Dalili discovered a vulnerability in the resource: protocol. This \ncould potentially allow an attacker to load arbitrary files that were \naccessible to the user running Thunderbird. (CVE-2011-0071)\n\nChris Evans discovered a vulnerability in Thunderbird's XSLT generate-id() \nfunction. An attacker could possibly use this vulnerability to make other \nattacks more reliable. (CVE-2011-1202)\n", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "ubuntu", "title": "Thunderbird vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0071", "CVE-2011-0078", "CVE-2011-0081", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0067", "CVE-2011-0065", "CVE-2011-0080", "CVE-2011-0070", "CVE-2011-0073", "CVE-2011-1202", "CVE-2011-0072", "CVE-2011-0077", "CVE-2011-0069", "CVE-2011-0066"], "modified": "2011-05-05T00:00:00", "id": "USN-1122-1", "href": "https://ubuntu.com/security/notices/USN-1122-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:13:39", "description": "It was discovered that there was a vulnerability in the memory handling of \ncertain types of content. An attacker could exploit this to possibly run \narbitrary code as the user running Firefox. (CVE-2011-0081)\n\nIt was discovered that Firefox incorrectly handled certain JavaScript \nrequests. An attacker could exploit this to possibly run arbitrary code as \nthe user running Firefox. (CVE-2011-0069)\n\nIan Beer discovered a vulnerability in the memory handling of a certain \ntypes of documents. An attacker could exploit this to possibly run \narbitrary code as the user running Firefox. (CVE-2011-0070)\n\nBob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman \ndiscovered several memory vulnerabilities. An attacker could exploit these \nto possibly run arbitrary code as the user running Firefox. (CVE-2011-0080)\n\nAki Helin discovered multiple vulnerabilities in the HTML rendering code. \nAn attacker could exploit these to possibly run arbitrary code as the user \nrunning Firefox. (CVE-2011-0074, CVE-2011-0075)\n\nIan Beer discovered multiple overflow vulnerabilities. An attacker could \nexploit these to possibly run arbitrary code as the user running Firefox. \n(CVE-2011-0077, CVE-2011-0078)\n\nMartin Barbella discovered a memory vulnerability in the handling of \ncertain DOM elements. An attacker could exploit this to possibly run \narbitrary code as the user running Firefox. (CVE-2011-0072)\n\nIt was discovered that there were use-after-free vulnerabilities in \nFirefox's mChannel and mObserverList objects. An attacker could exploit \nthese to possibly run arbitrary code as the user running Firefox. \n(CVE-2011-0065, CVE-2011-0066)\n\nIt was discovered that there was a vulnerability in the handling of the \nnsTreeSelection element. An attacker serving malicious content could \nexploit this to possibly run arbitrary code as the user running Firefox. \n(CVE-2011-0073)\n\nPaul Stone discovered a vulnerability in the handling of Java applets. An \nattacker could use this to mimic interaction with form autocomplete \ncontrols and steal entries from the form history. (CVE-2011-0067)\n\nSoroush Dalili discovered a vulnerability in the resource: protocol. This \ncould potentially allow an attacker to load arbitrary files that were \naccessible to the user running Firefox. (CVE-2011-0071)\n\nChris Evans discovered a vulnerability in Firefox's XSLT generate-id() \nfunction. An attacker could possibly use this vulnerability to make other \nattacks more reliable. (CVE-2011-1202)\n", "cvss3": {}, "published": "2011-04-29T00:00:00", "type": "ubuntu", "title": "Firefox and Xulrunner vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0071", "CVE-2011-0078", "CVE-2011-0081", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0067", "CVE-2011-0065", "CVE-2011-0080", "CVE-2011-0070", "CVE-2011-0073", "CVE-2011-1202", "CVE-2011-0072", "CVE-2011-0077", "CVE-2011-0069", "CVE-2011-0066"], "modified": "2011-04-29T00:00:00", "id": "USN-1112-1", "href": "https://ubuntu.com/security/notices/USN-1112-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:12:49", "description": "USN-1122-2 fixed vulnerabilities in Thunderbird on Ubuntu 11.04. A \nregression was introduced which caused Thunderbird to display an empty menu \nbar. This update fixes the problem. We apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that there was a vulnerability in the memory handling of \ncertain types of content. An attacker could exploit this to possibly run \narbitrary code as the user running Thunderbird. (CVE-2011-0081)\n\nIt was discovered that Thunderbird incorrectly handled certain JavaScript \nrequests. If JavaScript were enabled, an attacker could exploit this to \npossibly run arbitrary code as the user running Thunderbird. \n(CVE-2011-0069)\n\nIan Beer discovered a vulnerability in the memory handling of a certain \ntypes of documents. An attacker could exploit this to possibly run \narbitrary code as the user running Thunderbird. (CVE-2011-0070)\n\nBob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman \ndiscovered several memory vulnerabilities. An attacker could exploit these \nto possibly run arbitrary code as the user running Thunderbird. \n(CVE-2011-0080)\n\nAki Helin discovered multiple vulnerabilities in the HTML rendering code. \nAn attacker could exploit these to possibly run arbitrary code as the user \nrunning Thunderbird. (CVE-2011-0074, CVE-2011-0075)\n\nIan Beer discovered multiple overflow vulnerabilities. An attacker could \nexploit these to possibly run arbitrary code as the user running \nThunderbird. (CVE-2011-0077, CVE-2011-0078)\n\nMartin Barbella discovered a memory vulnerability in the handling of \ncertain DOM elements. An attacker could exploit this to possibly run \narbitrary code as the user running Thunderbird. (CVE-2011-0072)\n\nIt was discovered that there were use-after-free vulnerabilities in \nThunderbird's mChannel and mObserverList objects. An attacker could exploit \nthese to possibly run arbitrary code as the user running Thunderbird. \n(CVE-2011-0065, CVE-2011-0066)\n\nIt was discovered that there was a vulnerability in the handling of the \nnsTreeSelection element. An attacker sending a specially crafted E-Mail \ncould exploit this to possibly run arbitrary code as the user running \nThunderbird. (CVE-2011-0073)\n\nPaul Stone discovered a vulnerability in the handling of Java applets. If \nplugins were enabled, an attacker could use this to mimic interaction with \nform autocomplete controls and steal entries from the form history. \n(CVE-2011-0067)\n\nSoroush Dalili discovered a vulnerability in the resource: protocol. This \ncould potentially allow an attacker to load arbitrary files that were \naccessible to the user running Thunderbird. (CVE-2011-0071)\n\nChris Evans discovered a vulnerability in Thunderbird's XSLT generate-id() \nfunction. An attacker could possibly use this vulnerability to make other \nattacks more reliable. (CVE-2011-1202)\n", "cvss3": {}, "published": "2011-06-06T00:00:00", "type": "ubuntu", "title": "Thunderbird regression", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0071", "CVE-2011-0078", "CVE-2011-0081", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0067", "CVE-2011-0065", "CVE-2011-0080", "CVE-2011-0070", "CVE-2011-0073", "CVE-2011-1202", "CVE-2011-0072", "CVE-2011-0077", "CVE-2011-0069", "CVE-2011-0066"], "modified": "2011-06-06T00:00:00", "id": "USN-1122-3", "href": "https://ubuntu.com/security/notices/USN-1122-3", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:13:37", "description": "A large number of security issues were discovered in the Gecko rendering \nengine. If a user were tricked into viewing a malicious website, a remote \nattacker could exploit a variety of issues related to web browser security, \nincluding cross-site scripting attacks, denial of service attacks, and \narbitrary code execution.\n", "cvss3": {}, "published": "2011-04-30T00:00:00", "type": "ubuntu", "title": "Xulrunner vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3776", "CVE-2011-0078", "CVE-2010-1585", "CVE-2011-0059", "CVE-2011-0065", "CVE-2011-0080", "CVE-2011-0077", "CVE-2011-0054", "CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0051", "CVE-2011-0062", "CVE-2011-0053", "CVE-2011-0073", "CVE-2011-0055", "CVE-2011-1202", "CVE-2011-0066", "CVE-2011-0058", "CVE-2011-0075", "CVE-2011-0072", "CVE-2011-0071", "CVE-2011-0057", "CVE-2011-0056", "CVE-2011-0074", "CVE-2011-0067", "CVE-2010-3778"], "modified": "2011-04-30T00:00:00", "id": "USN-1123-1", "href": "https://ubuntu.com/security/notices/USN-1123-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:02:32", "description": "Chris Evans discovered that libxslt incorrectly handled generate-id XPath \nfunctions. If a user or automated system were tricked into processing a \nspecially crafted XSLT document, a remote attacker could obtain potentially \nsensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu \n10.04 LTS and Ubuntu 11.04. (CVE-2011-1202)\n\nIt was discovered that libxslt incorrectly parsed certain patterns. If a \nuser or automated system were tricked into processing a specially crafted \nXSLT document, a remote attacker could cause libxslt to crash, causing a \ndenial of service. (CVE-2011-3970)\n\nNicholas Gregoire discovered that libxslt incorrectly handled unexpected \nDTD nodes. If a user or automated system were tricked into processing a \nspecially crafted XSLT document, a remote attacker could cause libxslt to \ncrash, causing a denial of service. (CVE-2012-2825)\n\nNicholas Gregoire discovered that libxslt incorrectly managed memory. If a \nuser or automated system were tricked into processing a specially crafted \nXSLT document, a remote attacker could cause libxslt to crash, causing a \ndenial of service. (CVE-2012-2870)\n\nNicholas Gregoire discovered that libxslt incorrectly handled certain \ntransforms. If a user or automated system were tricked into processing a \nspecially crafted XSLT document, a remote attacker could cause libxslt to \ncrash, causing a denial of service, or possibly execute arbitrary code. \n(CVE-2012-2871)\n\nCris Neckar discovered that libxslt incorrectly managed memory. If a user \nor automated system were tricked into processing a specially crafted XSLT \ndocument, a remote attacker could cause libxslt to crash, causing a denial \nof service, or possibly execute arbitrary code. (CVE-2012-2893)\n", "cvss3": {}, "published": "2012-10-04T00:00:00", "type": "ubuntu", "title": "libxslt vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3970", "CVE-2012-2870", "CVE-2012-2825", "CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2893"], "modified": "2012-10-04T00:00:00", "id": "USN-1595-1", "href": "https://ubuntu.com/security/notices/USN-1595-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:39:47", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1121-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for firefox USN-1121-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2011-0079", "CVE-2011-0081", "CVE-2011-0069", "CVE-2011-0070"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840635", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840635", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1121_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for firefox USN-1121-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1121-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840635\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1121-1\");\n script_cve_id(\"CVE-2011-0079\", \"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for firefox USN-1121-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.04\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1121-1\");\n script_tag(name:\"affected\", value:\"firefox on Ubuntu 11.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek\n discovered multiple memory vulnerabilities. An attacker could exploit these\n to possibly run arbitrary code as the user running Firefox. (CVE-2011-0079)\n\n It was discovered that there was a vulnerability in the memory handling of\n certain types of content. An attacker could exploit this to possibly run\n arbitrary code as the user running Firefox. (CVE-2011-0081)\n\n It was discovered that Firefox incorrectly handled certain JavaScript\n requests. An attacker could exploit this to possibly run arbitrary code as\n the user running Firefox. (CVE-2011-0069)\n\n Ian Beer discovered a vulnerability in the memory handling of a certain\n types of documents. An attacker could exploit this to possibly run\n arbitrary code as the user running Firefox. (CVE-2011-0070)\n\n Chris Evans discovered a vulnerability in Firefox's XSLT generate-id()\n function. An attacker could possibly use this vulnerability to make other\n attacks more reliable. (CVE-2011-1202)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"4.0.1+build1+nobinonly-0ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:26:31", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1121-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for firefox USN-1121-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2011-0079", "CVE-2011-0081", "CVE-2011-0069", "CVE-2011-0070"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840635", "href": "http://plugins.openvas.org/nasl.php?oid=840635", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1121_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for firefox USN-1121-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek\n discovered multiple memory vulnerabilities. An attacker could exploit these\n to possibly run arbitrary code as the user running Firefox. (CVE-2011-0079)\n\n It was discovered that there was a vulnerability in the memory handling of\n certain types of content. An attacker could exploit this to possibly run\n arbitrary code as the user running Firefox. (CVE-2011-0081)\n \n It was discovered that Firefox incorrectly handled certain JavaScript\n requests. An attacker could exploit this to possibly run arbitrary code as\n the user running Firefox. (CVE-2011-0069)\n \n Ian Beer discovered a vulnerability in the memory handling of a certain\n types of documents. An attacker could exploit this to possibly run\n arbitrary code as the user running Firefox. (CVE-2011-0070)\n \n Chris Evans discovered a vulnerability in Firefox's XSLT generate-id()\n function. An attacker could possibly use this vulnerability to make other\n attacks more reliable. (CVE-2011-1202)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1121-1\";\ntag_affected = \"firefox on Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1121-1/\");\n script_id(840635);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1121-1\");\n script_cve_id(\"CVE-2011-0079\", \"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for firefox USN-1121-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"4.0.1+build1+nobinonly-0ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-04T14:20:10", "description": "The host is installed with Mozilla Firefox, Seamonkey or Thunderbird and is\n prone to multiple vulnerabilities.", "cvss3": {}, "published": "2011-05-18T00:00:00", "type": "openvas", "title": "Mozilla Products Multiple Vulnerabilities May-11 (Windows) - 01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0069", "CVE-2011-0070"], "modified": "2017-09-01T00:00:00", "id": "OPENVAS:801884", "href": "http://plugins.openvas.org/nasl.php?oid=801884", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_mult_vuln_win01_may11.nasl 7044 2017-09-01 11:50:59Z teissa $\n#\n# Mozilla Products Multiple Vulnerabilities May-11 (Windows) - 01\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Upgrade to Firefox version 3.5.19, 3.6.17, 4.0.1 or later\n http://www.mozilla.com/en-US/firefox/all.html\n\n Upgrade to Seamonkey version 2.0.14 or later\n http://www.seamonkey-project.org/releases/\n\n Upgrade to Thunderbird version 3.1.10 or later\n http://www.mozillamessaging.com/en-US/thunderbird/\";\n\ntag_impact = \"Successful exploitation will let remote attackers to execute arbitrary code\n or cause a denial of service.\n Impact Level: Application\";\ntag_affected = \"SeaMonkey versions before 2.0.14.\n Thunderbird version before 3.1.10\n Mozilla Firefox versions 3.5.x before 3.5.19, 3.6.x before 3.6.17,\n and 4.x before 4.0.1\";\ntag_insight = \"The flaws are due to multiple Unspecified errors in the browser engine\n allows remote attackers to cause a denial of service or possibly execute\n arbitrary code via unknown vectors.\";\ntag_summary = \"The host is installed with Mozilla Firefox, Seamonkey or Thunderbird and is\n prone to multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(801884);\n script_version(\"$Revision: 7044 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-09-01 13:50:59 +0200 (Fri, 01 Sep 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-18 15:37:30 +0200 (Wed, 18 May 2011)\");\n script_cve_id(\"CVE-2011-0069\", \"CVE-2011-0070\");\n script_bugtraq_id(47656,47654);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mozilla Products Multiple Vulnerabilities May-11 (Windows) - 01\");\n\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/44357/\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2011/1127\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2011/mfsa2011-12.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\", \"gb_seamonkey_detect_win.nasl\",\n \"gb_thunderbird_detect_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Firefox Check\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n ## Grep for Firefox version before 3.5.19, 3.6.x before 3.6.17 and 4.x before 4.0.1\n if(version_is_less(version:ffVer, test_version:\"3.5.19\") ||\n version_in_range(version:ffVer, test_version:\"3.6.0\", test_version2:\"3.6.16\") ||\n version_in_range(version:ffVer, test_version:\"4.0\", test_version2:\"4.0.b12\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n## Seamonkey Check\nsmVer = get_kb_item(\"Seamonkey/Win/Ver\");\nif(smVer != NULL)\n{\n ## Grep for Seamonkey version 2.0.14\n if(version_is_less(version:smVer, test_version:\"2.0.14\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n## Thunderbird Check\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer != NULL)\n{\n ## Grep for Thunderbird version < 3.1.10\n if(version_is_less(version:tbVer, test_version:\"3.1.10\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-07-19T22:16:51", "description": "The host is installed with Mozilla Firefox, Seamonkey or Thunderbird and is\n prone to multiple vulnerabilities.", "cvss3": {}, "published": "2011-05-18T00:00:00", "type": "openvas", "title": "Mozilla Products Multiple Vulnerabilities May-11 (Windows) - 01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0069", "CVE-2011-0070"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310801884", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801884", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Products Multiple Vulnerabilities May-11 (Windows) - 01\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801884\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-05-18 15:37:30 +0200 (Wed, 18 May 2011)\");\n script_cve_id(\"CVE-2011-0069\", \"CVE-2011-0070\");\n script_bugtraq_id(47656, 47654);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mozilla Products Multiple Vulnerabilities May-11 (Windows) - 01\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/44357/\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2011/1127\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-12.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\", \"gb_seamonkey_detect_win.nasl\",\n \"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let remote attackers to execute arbitrary code\n or cause a denial of service.\");\n script_tag(name:\"affected\", value:\"SeaMonkey versions before 2.0.14.\n Thunderbird version before 3.1.10\n Mozilla Firefox versions 3.5.x before 3.5.19, 3.6.x before 3.6.17,\n and 4.x before 4.0.1\");\n script_tag(name:\"insight\", value:\"The flaws are due to multiple Unspecified errors in the browser engine\n allows remote attackers to cause a denial of service or possibly execute\n arbitrary code via unknown vectors.\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox, Seamonkey or Thunderbird and is\n prone to multiple vulnerabilities.\");\n script_tag(name:\"solution\", value:\"Upgrade to Firefox version 3.5.19, 3.6.17, 4.0.1 or later,\n Upgrade to Seamonkey version 2.0.14 or later,\n Upgrade to Thunderbird version 3.1.10 or later.\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/en-US/thunderbird/\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/projects/seamonkey/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n if(version_is_less(version:ffVer, test_version:\"3.5.19\") ||\n version_in_range(version:ffVer, test_version:\"3.6.0\", test_version2:\"3.6.16\") ||\n version_in_range(version:ffVer, test_version:\"4.0\", test_version2:\"4.0.b12\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\nsmVer = get_kb_item(\"Seamonkey/Win/Ver\");\nif(smVer != NULL)\n{\n if(version_is_less(version:smVer, test_version:\"2.0.14\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer != NULL)\n{\n if(version_is_less(version:tbVer, test_version:\"3.1.10\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-12T11:18:41", "description": "Check for the Version of MozillaFirefox,seamonkey,MozillaThunderbird", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "SuSE Update for MozillaFirefox,seamonkey,MozillaThunderbird SUSE-SA:2011:022", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0068", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0079", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0076", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850166", "href": "http://plugins.openvas.org/nasl.php?oid=850166", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for MozillaFirefox,seamonkey,MozillaThunderbird SUSE-SA:2011:022\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Mozilla suite of browsers received security updates.\n\n Following updates are included in this update:\n Mozilla Firefox was updated on SUSE Linux Enterprise 10 and 11 to the 3.6.17 security release.\n Mozilla Firefox was updated on openSUSE 11.4 to the 4.0.1 security release.\n Mozilla Thunderbird was updated on openSUSE to the 3.1.10 security release.\n Mozilla Seamonkey was updated on openSUSE to the 2.0.14 security release.\n Mozilla XULRunner 1.9.1 was updated to 1.9.1.19.\n Mozilla XULRunner 1.9.2 was updated to 1.9.2.17.\n\n Following security issues were fixed:\n MFSA 2011-12:\n Mozilla developers identified and fixed several memory safety bugs in the\n browser engine used in Firefox and other Mozilla-based products. Some of these\n bugs showed evidence of memory corruption under certain circumstances, and we\n presume that with enough effort at least some of these could be exploited to\n run arbitrary code.\n\n Mozilla developers Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, Nils,\n Scoobidiver, and Ted Mielczarek reported memory safety issues which affected\n Firefox 4. CVE-2011-0079\n\n Mozilla developer Scoobidiver reported a memory safety issue which affected\n Firefox 4 and Firefox 3.6 CVE-2011-0081\n\n The web development team of Alcidion reported a crash that affected Firefox 4,\n Firefox 3.6 and Firefox 3.5. CVE-2011-0069\n\n Ian Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5.\n CVE-2011-0070\n\n Mozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and\n Jesse Ruderman reported memory safety issues which affected Firefox 3.6 and\n Firefox 3.5. CVE-2011-0080\n\n Aki Helin reported memory safety issues which affected Firefox 3.6 and Firefox\n 3.5. CVE-2011-0075\n\n Ian Beer reported memory safety issues which affected Firefox 3.6 and Firefox\n 3.5. CVE-2011-0078\n\n Martin Barbella reported a memory safety issue which affected Firefox 3.6 and\n Firefox 3.5. CVE-2011-0072\n\n\n CVE-2011-0073:\n Security researcher regenrecht reported several dangling pointer\n vulnerabilities via TippingPoint's Zero Day Initiative.\n\n Firefox 4 was not affected by these issues.\n\n\n CVE-2011-0067:\n Security researcher Paul Stone reported that a Java applet could be used to\n mimic interaction with form autocomplete controls and steal entries from the\n form history.\n\n Firefox 4 was not affected by this issue.\n\n\n CVE-2011-0076: David Remahl of Apple Product Security reported\n that the Java Embedding Plugin (JEP) shipped with the Mac OS X version ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_impact = \"remote code execution, remote denial of service\";\ntag_affected = \"MozillaFirefox,seamonkey,MozillaThunderbird on openSUSE 11.2, openSUSE 11.3\";\n\n\nif(description)\n{\n script_id(850166);\n script_version(\"$Revision: 8041 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 08:28:21 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2011-022\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0068\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0076\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0079\", \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_name(\"SuSE Update for MozillaFirefox,seamonkey,MozillaThunderbird SUSE-SA:2011:022\");\n\n script_summary(\"Check for the Version of MozillaFirefox,seamonkey,MozillaThunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.6.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.6.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~3.6.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~3.6.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~3.1.10~0.9.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~3.1.10~0.9.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~3.1.10~0.9.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~3.1.10~0.9.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"enigmail\", rpm:\"enigmail~1.1.2~9.9.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js192\", rpm:\"mozilla-js192~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191\", rpm:\"mozilla-xulrunner191~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-devel\", rpm:\"mozilla-xulrunner191-devel~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-gnomevfs\", rpm:\"mozilla-xulrunner191-gnomevfs~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-translations-common\", rpm:\"mozilla-xulrunner191-translations-common~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-translations-other\", rpm:\"mozilla-xulrunner191-translations-other~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192\", rpm:\"mozilla-xulrunner192~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-buildsymbols\", rpm:\"mozilla-xulrunner192-buildsymbols~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-devel\", rpm:\"mozilla-xulrunner192-devel~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-gnome\", rpm:\"mozilla-xulrunner192-gnome~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-common\", rpm:\"mozilla-xulrunner192-translations-common~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-other\", rpm:\"mozilla-xulrunner192-translations-other~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-xpcom191\", rpm:\"python-xpcom191~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.0.14~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.0.14~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.0.14~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.0.14~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js192-32bit\", rpm:\"mozilla-js192-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-32bit\", rpm:\"mozilla-xulrunner191-32bit~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-gnomevfs-32bit\", rpm:\"mozilla-xulrunner191-gnomevfs-32bit~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-32bit\", rpm:\"mozilla-xulrunner192-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-gnome-32bit\", rpm:\"mozilla-xulrunner192-gnome-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-common-32bit\", rpm:\"mozilla-xulrunner192-translations-common-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-other-32bit\", rpm:\"mozilla-xulrunner192-translations-other-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE11.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.6.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.6.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~3.6.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~3.6.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~3.1.10~0.9.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~3.1.10~0.9.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~3.1.10~0.9.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~3.1.10~0.9.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"enigmail\", rpm:\"enigmail~1.1.2~9.9.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js192\", rpm:\"mozilla-js192~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191\", rpm:\"mozilla-xulrunner191~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-devel\", rpm:\"mozilla-xulrunner191-devel~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-gnomevfs\", rpm:\"mozilla-xulrunner191-gnomevfs~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-translations-common\", rpm:\"mozilla-xulrunner191-translations-common~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-translations-other\", rpm:\"mozilla-xulrunner191-translations-other~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192\", rpm:\"mozilla-xulrunner192~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-buildsymbols\", rpm:\"mozilla-xulrunner192-buildsymbols~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-devel\", rpm:\"mozilla-xulrunner192-devel~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-gnome\", rpm:\"mozilla-xulrunner192-gnome~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-common\", rpm:\"mozilla-xulrunner192-translations-common~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-other\", rpm:\"mozilla-xulrunner192-translations-other~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-xpcom191\", rpm:\"python-xpcom191~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.0.14~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.0.14~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.0.14~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.0.14~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.0.14~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.0.14~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js192-32bit\", rpm:\"mozilla-js192-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-32bit\", rpm:\"mozilla-xulrunner191-32bit~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner191-gnomevfs-32bit\", rpm:\"mozilla-xulrunner191-gnomevfs-32bit~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-32bit\", rpm:\"mozilla-xulrunner192-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-gnome-32bit\", rpm:\"mozilla-xulrunner192-gnome-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-common-32bit\", rpm:\"mozilla-xulrunner192-translations-common-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-other-32bit\", rpm:\"mozilla-xulrunner192-translations-other-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-01-31T18:42:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for MozillaFirefox, seamonkey, MozillaThunderbird (SUSE-SA:2011:022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0068", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0079", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0076", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850166", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850166", "sourceData": "# Copyright (C) 2011 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850166\");\n script_version(\"2020-01-31T08:40:24+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:40:24 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"SUSE-SA\", value:\"2011-022\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0068\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0076\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0079\", \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_name(\"SUSE: Security Advisory for MozillaFirefox, seamonkey, MozillaThunderbird (SUSE-SA:2011:022)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'MozillaFirefox, seamonkey, MozillaThunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE11\\.2|openSUSE11\\.3)\");\n\n script_tag(name:\"impact\", value:\"remote code execution, remote denial of service\");\n\n script_tag(name:\"affected\", value:\"MozillaFirefox, seamonkey, MozillaThunderbird on openSUSE 11.2, openSUSE 11.3\");\n\n script_tag(name:\"insight\", value:\"The Mozilla suite of browsers received security updates.\n\n The following updates are included in this update:\n Mozilla Firefox was updated on SUSE Linux Enterprise 10 and 11 to the 3.6.17 security release.\n Mozilla Firefox was updated on openSUSE 11.4 to the 4.0.1 security release.\n Mozilla Thunderbird was updated on openSUSE to the 3.1.10 security release.\n Mozilla Seamonkey was updated on openSUSE to the 2.0.14 security release.\n Mozilla XULRunner 1.9.1 was updated to 1.9.1.19.\n Mozilla XULRunner 1.9.2 was updated to 1.9.2.17.\n\n The following security issues were fixed:\n MFSA 2011-12:\n Mozilla developers identified and fixed several memory safety bugs in the\n browser engine used in Firefox and other Mozilla-based products. Some of these\n bugs showed evidence of memory corruption under certain circumstances, and we\n presume that with enough effort at least some of these could be exploited to\n run arbitrary code.\n\n Mozilla developers Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, Nils,\n Scoobidiver, and Ted Mielczarek reported memory safety issues which affected\n Firefox 4. CVE-2011-0079\n\n Mozilla developer Scoobidiver reported a memory safety issue which affected\n Firefox 4 and Firefox 3.6 CVE-2011-0081\n\n The web development team of Alcidion reported a crash that affected Firefox 4,\n Firefox 3.6 and Firefox 3.5. CVE-2011-0069\n\n Ian Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5.\n CVE-2011-0070\n\n Mozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and\n Jesse Ruderman reported memory safety issues which affected Firefox 3.6 and\n Firefox 3.5. CVE-2011-0080\n\n Aki Helin reported memory safety issues which affected Firefox 3.6 and Firefox\n 3.5. CVE-2011-0075\n\n Ian Beer reported memory safety issues which affected Firefox 3.6 and Firefox\n 3.5. CVE-2011-0078\n\n Martin Barbella reported a memory safety issue which affected Firefox 3.6 and\n Firefox 3.5. CVE-2011-0072\n\n\n CVE-2011-0073:\n Security researcher regenrecht reported several dangling pointer\n vulnerabilities via TippingPoint's Zero Day Initiative.\n\n Firefox 4 was not affected by these issues.\n\n\n CVE-2011-0067:\n Security researcher Paul Stone reported that a Java applet could be used to\n mimic interaction with form autocomplete controls and steal entries from the\n form history.\n\n Firefox 4 was not affected by this issue.\n\n\n CVE-2011-0076: David Remahl of Apple Product Security reported\n that the Java Embedding Plugin (JEP) shipped with the Mac OS X version ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.6.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.6.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~3.6.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~3.6.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~3.1.10~0.9.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~3.1.10~0.9.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~3.1.10~0.9.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~3.1.10~0.9.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"enigmail\", rpm:\"enigmail~1.1.2~9.9.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-js192\", rpm:\"mozilla-js192~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191\", rpm:\"mozilla-xulrunner191~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-devel\", rpm:\"mozilla-xulrunner191-devel~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-gnomevfs\", rpm:\"mozilla-xulrunner191-gnomevfs~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-translations-common\", rpm:\"mozilla-xulrunner191-translations-common~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-translations-other\", rpm:\"mozilla-xulrunner191-translations-other~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192\", rpm:\"mozilla-xulrunner192~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-buildsymbols\", rpm:\"mozilla-xulrunner192-buildsymbols~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-devel\", rpm:\"mozilla-xulrunner192-devel~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-gnome\", rpm:\"mozilla-xulrunner192-gnome~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-common\", rpm:\"mozilla-xulrunner192-translations-common~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-other\", rpm:\"mozilla-xulrunner192-translations-other~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-xpcom191\", rpm:\"python-xpcom191~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.0.14~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.0.14~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.0.14~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.0.14~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-js192-32bit\", rpm:\"mozilla-js192-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-32bit\", rpm:\"mozilla-xulrunner191-32bit~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-gnomevfs-32bit\", rpm:\"mozilla-xulrunner191-gnomevfs-32bit~1.9.1.19~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-32bit\", rpm:\"mozilla-xulrunner192-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-gnome-32bit\", rpm:\"mozilla-xulrunner192-gnome-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-common-32bit\", rpm:\"mozilla-xulrunner192-translations-common-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-other-32bit\", rpm:\"mozilla-xulrunner192-translations-other-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE11.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~3.6.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~3.6.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~3.6.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~3.6.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~3.1.10~0.9.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~3.1.10~0.9.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~3.1.10~0.9.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~3.1.10~0.9.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"enigmail\", rpm:\"enigmail~1.1.2~9.9.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-js192\", rpm:\"mozilla-js192~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191\", rpm:\"mozilla-xulrunner191~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-devel\", rpm:\"mozilla-xulrunner191-devel~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-gnomevfs\", rpm:\"mozilla-xulrunner191-gnomevfs~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-translations-common\", rpm:\"mozilla-xulrunner191-translations-common~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-translations-other\", rpm:\"mozilla-xulrunner191-translations-other~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192\", rpm:\"mozilla-xulrunner192~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-buildsymbols\", rpm:\"mozilla-xulrunner192-buildsymbols~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-devel\", rpm:\"mozilla-xulrunner192-devel~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-gnome\", rpm:\"mozilla-xulrunner192-gnome~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-common\", rpm:\"mozilla-xulrunner192-translations-common~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-other\", rpm:\"mozilla-xulrunner192-translations-other~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-xpcom191\", rpm:\"python-xpcom191~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.0.14~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.0.14~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.0.14~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.0.14~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.0.14~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.0.14~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-js192-32bit\", rpm:\"mozilla-js192-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-32bit\", rpm:\"mozilla-xulrunner191-32bit~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner191-gnomevfs-32bit\", rpm:\"mozilla-xulrunner191-gnomevfs-32bit~1.9.1.19~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-32bit\", rpm:\"mozilla-xulrunner192-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-gnome-32bit\", rpm:\"mozilla-xulrunner192-gnome-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-common-32bit\", rpm:\"mozilla-xulrunner192-translations-common-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-xulrunner192-translations-other-32bit\", rpm:\"mozilla-xulrunner192-translations-other-32bit~1.9.2.17~0.2.1\", rls:\"openSUSE11.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:13:26", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "openvas", "title": "FreeBSD Ports: firefox", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0079", "CVE-2011-0066", "CVE-2011-1300", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-1302", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0076", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:69590", "href": "http://plugins.openvas.org/nasl.php?oid=69590", "sourceData": "#\n#VID 04b7d46c-7226-11e0-813a-6c626dd55a41\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 04b7d46c-7226-11e0-813a-6c626dd55a41\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n firefox\n libxul\n linux-firefox\n linux-firefox-devel\n linux-seamonkey\n seamonkey\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-12.html\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-13.html\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-14.html\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-15.html\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-16.html\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-17.html\nhttp://www.mozilla.org/security/announce/2011/mfsa2011-18.html\nhttp://www.vuxml.org/freebsd/04b7d46c-7226-11e0-813a-6c626dd55a41.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(69590);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_cve_id(\"CVE-2011-0079\", \"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\",\n \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\",\n \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\",\n \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0076\", \"CVE-2011-0071\",\n \"CVE-2011-1302\", \"CVE-2011-1300\", \"CVE-2011-1202\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: firefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.6.*,1\")>0 && revcomp(a:bver, b:\"3.6.17,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"3.5.*,1\")>0 && revcomp(a:bver, b:\"3.5.19,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"4.0.*,1\")>0 && revcomp(a:bver, b:\"4.0.1,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"libxul\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.2\")>0 && revcomp(a:bver, b:\"1.9.2.17\")<0) {\n txt += 'Package libxul version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.6.17,1\")<0) {\n txt += 'Package linux-firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.5.19\")<0) {\n txt += 'Package linux-firefox-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0\")>0 && revcomp(a:bver, b:\"2.0.14\")<0) {\n txt += 'Package linux-seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0\")>0 && revcomp(a:bver, b:\"2.0.14\")<0) {\n txt += 'Package seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:39", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "openvas", "title": "FreeBSD Ports: firefox", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0079", "CVE-2011-0066", "CVE-2011-1300", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-1302", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0076", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231069590", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069590", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_firefox56.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 04b7d46c-7226-11e0-813a-6c626dd55a41\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69590\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_cve_id(\"CVE-2011-0079\", \"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\",\n \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\",\n \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\",\n \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0076\", \"CVE-2011-0071\",\n \"CVE-2011-1302\", \"CVE-2011-1300\", \"CVE-2011-1202\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n firefox\n libxul\n linux-firefox\n linux-firefox-devel\n linux-seamonkey\n seamonkey\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-12.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-13.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-14.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-15.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-16.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-17.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-18.html\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/04b7d46c-7226-11e0-813a-6c626dd55a41.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.6.*,1\")>0 && revcomp(a:bver, b:\"3.6.17,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"3.5.*,1\")>0 && revcomp(a:bver, b:\"3.5.19,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"4.0.*,1\")>0 && revcomp(a:bver, b:\"4.0.1,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"libxul\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.2\")>0 && revcomp(a:bver, b:\"1.9.2.17\")<0) {\n txt += 'Package libxul version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"linux-firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.6.17,1\")<0) {\n txt += 'Package linux-firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"linux-firefox-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.5.19\")<0) {\n txt += 'Package linux-firefox-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"linux-seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0\")>0 && revcomp(a:bver, b:\"2.0.14\")<0) {\n txt += 'Package linux-seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0\")>0 && revcomp(a:bver, b:\"2.0.14\")<0) {\n txt += 'Package seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-09-04T14:20:03", "description": "The host is installed with Mozilla Firefox and is prone to multiple\n unspecified vulnerabilities.", "cvss3": {}, "published": "2011-05-18T00:00:00", "type": "openvas", "title": "Mozilla Firefox Multiple Unspecified Vulnerabilities May-11 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0079"], "modified": "2017-08-29T00:00:00", "id": "OPENVAS:801886", "href": "http://plugins.openvas.org/nasl.php?oid=801886", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_firefox_mult_unspecified_vuln_win_may11.nasl 7019 2017-08-29 11:51:27Z teissa $\n#\n# Mozilla Firefox Multiple Unspecified Vulnerabilities May-11 (Windows)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow remote attackers to a cause a denial of\n service or possibly execute arbitrary code.\n Impact Level: Application\";\ntag_affected = \"Mozilla Firefox versions 4.x before 4.0.1\";\ntag_insight = \"The flaws are due to multiple unspecified errors in the browser engine\n allow remote attackers to cause a denial of service or possibly execute\n arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp\n and unknown other vectors.\";\ntag_solution = \"Upgrade to Firefox version 4.0.1 or later\n http://www.mozilla.com/en-US/firefox/all.html\";\ntag_summary = \"The host is installed with Mozilla Firefox and is prone to multiple\n unspecified vulnerabilities.\";\n\nif(description)\n{\n script_id(801886);\n script_version(\"$Revision: 7019 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-29 13:51:27 +0200 (Tue, 29 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-18 15:37:30 +0200 (Wed, 18 May 2011)\");\n script_cve_id(\"CVE-2011-0079\");\n script_bugtraq_id(47657);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mozilla Firefox Multiple Unspecified Vulnerabilities May-11 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/44357/\");\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2011/1127\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2011/mfsa2011-12.html\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\");\n script_require_keys(\"Firefox/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Firefox Check\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n ## Grep for Firefox versions 4.x before 4.0.1\n if(version_in_range(version:ffVer, test_version:\"4.0\", test_version2:\"4.0.b12\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-04-27T19:22:51", "description": "The host is installed with Mozilla Firefox and is prone to multiple\n unspecified vulnerabilities.", "cvss3": {}, "published": "2011-05-18T00:00:00", "type": "openvas", "title": "Mozilla Firefox Multiple Unspecified Vulnerabilities May-11 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0079"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310801886", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801886", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox Multiple Unspecified Vulnerabilities May-11 (Windows)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801886\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-05-18 15:37:30 +0200 (Wed, 18 May 2011)\");\n script_cve_id(\"CVE-2011-0079\");\n script_bugtraq_id(47657);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mozilla Firefox Multiple Unspecified Vulnerabilities May-11 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/44357/\");\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2011/1127\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-12.html\");\n\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to a cause a denial of\n service or possibly execute arbitrary code.\");\n script_tag(name:\"affected\", value:\"Mozilla Firefox versions 4.x before 4.0.1\");\n script_tag(name:\"insight\", value:\"The flaws are due to multiple unspecified errors in the browser engine\n allow remote attackers to cause a denial of service or possibly execute\n arbitrary code via vectors related to gfx/layers/d3d10/ReadbackManagerD3D10.cpp\n and unknown other vectors.\");\n script_tag(name:\"solution\", value:\"Upgrade to Firefox version 4.0.1 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox and is prone to multiple\n unspecified vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n if(version_in_range(version:ffVer, test_version:\"4.0\", test_version2:\"4.0.b12\")){\n report = report_fixed_ver(installed_version:ffVer, vulnerable_range:\"4.0 - 4.0.b12\");\n security_message(port: 0, data: report);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:29", "description": "Check for the Version of mozilla-thunderbird", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "Mandriva Update for mozilla-thunderbird MDVSA-2011:080 (mozilla-thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0072"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831383", "href": "http://plugins.openvas.org/nasl.php?oid=831383", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-thunderbird MDVSA-2011:080 (mozilla-thunderbird)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security issues were identified and fixed in mozilla-thunderbird:\n\n Security researcher Soroush Dalili reported that the resource:\n protocol could be exploited to allow directory traversal on\n Windows and the potential loading of resources from non-permitted\n locations. The impact would depend on whether interesting files\n existed in predictable locations in a useful format. For example,\n the existence or non-existence of particular images might indicate\n whether certain software was installed (CVE-2011-0071).\n \n Mozilla developers identified and fixed several memory safety\n bugs in the browser engine used in Firefox and other Mozilla-based\n products. Some of these bugs showed evidence of memory corruption under\n certain circumstances, and we presume that with enough effort at least\n some of these could be exploited to run arbitrary code (CVE-2011-0081,\n CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074,\n CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072).\n \n The mozilla-thunderbird-lightning package shipped with MDVSA-2011:042\n had a packaging bug that prevented extension to be loaded (#59951).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n Additionally, some packages which require so, have been rebuilt and\n are being provided as updates.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"mozilla-thunderbird on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-05/msg00000.php\");\n script_id(831383);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2011:080\");\n script_cve_id(\"CVE-2011-0071\", \"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\");\n script_name(\"Mandriva Update for mozilla-thunderbird MDVSA-2011:080 (mozilla-thunderbird)\");\n\n script_summary(\"Check for the Version of mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "Mandriva Update for mozilla-thunderbird MDVSA-2011:080 (mozilla-thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0072"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831383", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831383", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-thunderbird MDVSA-2011:080 (mozilla-thunderbird)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-05/msg00000.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831383\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2011:080\");\n script_cve_id(\"CVE-2011-0071\", \"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\");\n script_name(\"Mandriva Update for mozilla-thunderbird MDVSA-2011:080 (mozilla-thunderbird)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mozilla-thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2010\\.1|2010\\.0|2009\\.0)\");\n script_tag(name:\"affected\", value:\"mozilla-thunderbird on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\");\n script_tag(name:\"insight\", value:\"Security issues were identified and fixed in mozilla-thunderbird:\n\n Security researcher Soroush Dalili reported that the resource:\n protocol could be exploited to allow directory traversal on\n Windows and the potential loading of resources from non-permitted\n locations. The impact would depend on whether interesting files\n existed in predictable locations in a useful format. For example,\n the existence or non-existence of particular images might indicate\n whether certain software was installed (CVE-2011-0071).\n\n Mozilla developers identified and fixed several memory safety\n bugs in the browser engine used in Firefox and other Mozilla-based\n products. Some of these bugs showed evidence of memory corruption under\n certain circumstances, and we presume that with enough effort at least\n some of these could be exploited to run arbitrary code (CVE-2011-0081,\n CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074,\n CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072).\n\n The mozilla-thunderbird-lightning package shipped with MDVSA-2011:042\n had a packaging bug that prevented extension to be loaded (#59951).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Additionally, some packages which require so, have been rebuilt and\n are being provided as updates.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~40.15mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.10~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~20.25mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.10~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.8~13.37mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.10~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-09-04T14:19:44", "description": "The host is installed with Mozilla Firefox or Thunderbird and is prone to\n unspecified vulnerability.", "cvss3": {}, "published": "2011-05-18T00:00:00", "type": "openvas", "title": "Mozilla Products Unspecified Vulnerability May-11 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0081"], "modified": "2017-08-29T00:00:00", "id": "OPENVAS:801887", "href": "http://plugins.openvas.org/nasl.php?oid=801887", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_unspecified_vuln_win_may11.nasl 7019 2017-08-29 11:51:27Z teissa $\n#\n# Mozilla Products Unspecified Vulnerability May-11 (Windows)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Upgrade to Firefox version 3.6.17, 4.0.1 or later\n http://www.mozilla.com/en-US/firefox/all.html\n\n Upgrade to Thunderbird version 3.1.10 or later\n http://www.mozillamessaging.com/en-US/thunderbird/\";\n\ntag_impact = \"Successful exploitation will let remote attackers to a cause a denial of\n service or possibly execute arbitrary code.\n Impact Level: Application\";\ntag_affected = \"Thunderbird 3.1.x before 3.1.10\n Mozilla Firefox versions 3.6.x before 3.6.17 and 4.x before 4.0.1\";\ntag_insight = \"The flaw is due to unspecified vulnerability in the browser engine\n which allows remote attackers to cause a denial of service or possibly\n execute arbitrary code via unknown vectors.\";\ntag_summary = \"The host is installed with Mozilla Firefox or Thunderbird and is prone to\n unspecified vulnerability.\";\n\nif(description)\n{\n script_id(801887);\n script_version(\"$Revision: 7019 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-29 13:51:27 +0200 (Tue, 29 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-18 15:37:30 +0200 (Wed, 18 May 2011)\");\n script_cve_id(\"CVE-2011-0081\");\n script_bugtraq_id(47653);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mozilla Products Unspecified Vulnerability May-11 (Windows)\");\n\n script_xref(name : \"URL\" , value : \"http://www.vupen.com/english/advisories/2011/1127\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.mozilla.org/show_bug.cgi?id=645289\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2011/mfsa2011-12.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\", \"gb_thunderbird_detect_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Firefox Check\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n ## Grep for Firefox versions 4.x before 4.0.1\n if(version_in_range(version:ffVer, test_version:\"3.6.0\", test_version2:\"3.6.16\") ||\n version_in_range(version:ffVer, test_version:\"4.0\", test_version2:\"4.0.b12\")) {\n security_message(0);\n exit(0);\n }\n}\n\n## Thunderbird Check\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer != NULL)\n{\n ## Grep for Thunderbird version 3.1.x before 3.1.10\n if(version_in_range(version:ffVer, test_version:\"3.1.0\", test_version2:\"3.1.9\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-07-19T22:17:14", "description": "The host is installed with Mozilla Firefox or Thunderbird and is prone to\n unspecified vulnerability.", "cvss3": {}, "published": "2011-05-18T00:00:00", "type": "openvas", "title": "Mozilla Products Unspecified Vulnerability May-11 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0081"], "modified": "2019-07-17T00:00:00", "id": "OPENVAS:1361412562310801887", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801887", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Products Unspecified Vulnerability May-11 (Windows)\n#\n# Authors:\n# Sooraj KS <kssooraj@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801887\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-05-18 15:37:30 +0200 (Wed, 18 May 2011)\");\n script_cve_id(\"CVE-2011-0081\");\n script_bugtraq_id(47653);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mozilla Products Unspecified Vulnerability May-11 (Windows)\");\n\n script_xref(name:\"URL\", value:\"http://www.vupen.com/english/advisories/2011/1127\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=645289\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-12.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\", \"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let remote attackers to a cause a denial of\n service or possibly execute arbitrary code.\");\n script_tag(name:\"affected\", value:\"Thunderbird 3.1.x before 3.1.10\n Mozilla Firefox versions 3.6.x before 3.6.17 and 4.x before 4.0.1\");\n script_tag(name:\"insight\", value:\"The flaw is due to unspecified vulnerability in the browser engine\n which allows remote attackers to cause a denial of service or possibly\n execute arbitrary code via unknown vectors.\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox or Thunderbird and is prone to\n unspecified vulnerability.\");\n script_tag(name:\"solution\", value:\"Upgrade to Firefox version 3.6.17, 4.0.1 or later,\n Upgrade to Thunderbird version 3.1.10 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/en-US/thunderbird/\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n if(version_in_range(version:ffVer, test_version:\"3.6.0\", test_version2:\"3.6.16\") ||\n version_in_range(version:ffVer, test_version:\"4.0\", test_version2:\"4.0.b12\")) {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer != NULL)\n{\n if(version_in_range(version:ffVer, test_version:\"3.1.0\", test_version2:\"3.1.9\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:41", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1122-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-1122-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840652", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840652", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1122_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for thunderbird USN-1122-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1122-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840652\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1122-1\");\n script_cve_id(\"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0071\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for thunderbird USN-1122-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|10\\.10)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1122-1\");\n script_tag(name:\"affected\", value:\"thunderbird on Ubuntu 10.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that there was a vulnerability in the memory handling of\n certain types of content. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0081)\n\n It was discovered that Thunderbird incorrectly handled certain JavaScript\n requests. If JavaScript were enabled, an attacker could exploit this to\n possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0069)\n\n Ian Beer discovered a vulnerability in the memory handling of a certain\n types of documents. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0070)\n\n Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman\n discovered several memory vulnerabilities. An attacker could exploit these\n to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0080)\n\n Aki Helin discovered multiple vulnerabilities in the HTML rendering code.\n An attacker could exploit these to possibly run arbitrary code as the user\n running Thunderbird. (CVE-2011-0074, CVE-2011-0075)\n\n Ian Beer discovered multiple overflow vulnerabilities. An attacker could\n exploit these to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0077, CVE-2011-0078)\n\n Martin Barbella discovered a memory vulnerability in the handling of\n certain DOM elements. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0072)\n\n It was discovered that there were use-after-free vulnerabilities in\n Thunderbird's mChannel and mObserverList objects. An attacker could exploit\n these to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0065, CVE-2011-0066)\n\n It was discovered that there was a vulnerability in the handling of the\n nsTreeSelection element. An attacker sending a specially crafted E-Mail\n could exploit this to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0073)\n\n Paul Stone discovered a vulnerability in the handling of Java applets. If\n plugins were enabled, an attacker could use this to mimic interaction with\n form autocomplete controls and steal entries from the form history.\n (CVE-2011-0067)\n\n Soroush Dalili discovered a vulnerability in the resource: protocol. This\n could potentially allow an attacker to load arbitrary files that were\n accessible to the user running Thunderbird. (CVE-2011-0071)\n\n Chris Evans discovered a vulnerability in Thunderbird's XSLT generate-id()\n function. An attacker could possibly use this vulnerability to make other\n attacks more reliable. (CVE-2011-1202)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"3.1.10+build1+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"3.1.10+build1+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-27T10:55:30", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "RedHat Update for firefox RHSA-2011:0471-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870425", "href": "http://plugins.openvas.org/nasl.php?oid=870425", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2011:0471-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could possibly lead to arbitrary code\n execution with the privileges of the user running Firefox. (CVE-2011-0080,\n CVE-2011-0081)\n \n An arbitrary memory write flaw was found in the way Firefox handled\n out-of-memory conditions. If all memory was consumed when a user visited a\n malicious web page, it could possibly lead to arbitrary code execution\n with the privileges of the user running Firefox. (CVE-2011-0078)\n \n An integer overflow flaw was found in the way Firefox handled the HTML\n frameset tag. A web page with a frameset tag containing large values for\n the "rows" and "cols" attributes could trigger this flaw, possibly leading\n to arbitrary code execution with the privileges of the user running\n Firefox. (CVE-2011-0077)\n \n A flaw was found in the way Firefox handled the HTML iframe tag. A web page\n with an iframe tag containing a specially-crafted source address could\n trigger this flaw, possibly leading to arbitrary code execution with the\n privileges of the user running Firefox. (CVE-2011-0075)\n \n A flaw was found in the way Firefox displayed multiple marquee elements. A\n malformed HTML document could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0074)\n \n A flaw was found in the way Firefox handled the nsTreeSelection element.\n Malformed content could cause Firefox to execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2011-0073)\n \n A use-after-free flaw was found in the way Firefox appended frame and\n iframe elements to a DOM tree when the NoScript add-on was enabled.\n Malicious HTML content could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0072)\n \n A directory traversal flaw was found in the Firefox resource:// protocol\n handler. Malicious content could cause Firefox to access arbitrary files\n accessible to the user running Firefox. (CVE-2011-0071)\n \n A double free flaw was found in the way Firefox handled\n "application/http-index-format" documents. A malformed HTTP response could\n cause Firefox to execute arbitrary code with the privileges of the user\n running Firefox. (CVE-2011-0070)\n \n A flaw was foun ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"firefox on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-April/msg00025.html\");\n script_id(870425);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0471-01\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_name(\"RedHat Update for firefox RHSA-2011:0471-01\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~1.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~3.6.17~1.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~3.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~1.9.2.17~3.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.2.17~3.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~3.6.17~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:25", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1122-2", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-1122-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840650", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840650", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1122_2.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for thunderbird USN-1122-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1122-2/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840650\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1122-2\");\n script_cve_id(\"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0071\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for thunderbird USN-1122-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.04\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1122-2\");\n script_tag(name:\"affected\", value:\"thunderbird on Ubuntu 11.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"USN-1122-1 fixed vulnerabilities in Thunderbird for Lucid and Maverick.\n This update provides the corresponding fixes for Natty.\n\n Original advisory details:\n\n It was discovered that there was a vulnerability in the memory handling of\n certain types of content. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0081)\n\n It was discovered that Thunderbird incorrectly handled certain JavaScript\n requests. If JavaScript were enabled, an attacker could exploit this to\n possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0069)\n\n Ian Beer discovered a vulnerability in the memory handling of a certain\n types of documents. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0070)\n\n Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman\n discovered several memory vulnerabilities. An attacker could exploit these\n to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0080)\n\n Aki Helin discovered multiple vulnerabilities in the HTML rendering code.\n An attacker could exploit these to possibly run arbitrary code as the user\n running Thunderbird. (CVE-2011-0074, CVE-2011-0075)\n\n Ian Beer discovered multiple overflow vulnerabilities. An attacker could\n exploit these to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0077, CVE-2011-0078)\n\n Martin Barbella discovered a memory vulnerability in the handling of\n certain DOM elements. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0072)\n\n It was discovered that there were use-after-free vulnerabilities in\n Thunderbird's mChannel and mObserverList objects. An attacker could exploit\n these to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0065, CVE-2011-0066)\n\n It was discovered that there was a vulnerability in the handling of the\n nsTreeSelection element. An attacker sending a specially crafted E-Mail\n could exploit this to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0073)\n\n Paul Stone discovered a vulnerability in the handling of Java applets. If\n plugins were enabled, an attacker could use this to mimic interaction with\n form autocomplete controls and steal entries from the form history.\n (CVE-2011-0067)\n\n Soroush Dalili discovered a vulnerability in the resource: protocol. This\n could potentially allow an attacker to load arbitrary files that were\n accessible to the user running Thunderbird. (CV ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"3.1.10+build1+nobinonly-0ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2011:0471 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881346", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881346", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2011:0471 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017461.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881346\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:30:49 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\",\n \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\",\n \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\",\n \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0471\");\n script_name(\"CentOS Update for firefox CESA-2011:0471 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could possibly lead to arbitrary code\n execution with the privileges of the user running Firefox. (CVE-2011-0080,\n CVE-2011-0081)\n\n An arbitrary memory write flaw was found in the way Firefox handled\n out-of-memory conditions. If all memory was consumed when a user visited a\n malicious web page, it could possibly lead to arbitrary code execution\n with the privileges of the user running Firefox. (CVE-2011-0078)\n\n An integer overflow flaw was found in the way Firefox handled the HTML\n frameset tag. A web page with a frameset tag containing large values for\n the 'rows' and 'cols' attributes could trigger this flaw, possibly leading\n to arbitrary code execution with the privileges of the user running\n Firefox. (CVE-2011-0077)\n\n A flaw was found in the way Firefox handled the HTML iframe tag. A web page\n with an iframe tag containing a specially-crafted source address could\n trigger this flaw, possibly leading to arbitrary code execution with the\n privileges of the user running Firefox. (CVE-2011-0075)\n\n A flaw was found in the way Firefox displayed multiple marquee elements. A\n malformed HTML document could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0074)\n\n A flaw was found in the way Firefox handled the nsTreeSelection element.\n Malformed content could cause Firefox to execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2011-0073)\n\n A use-after-free flaw was found in the way Firefox appended frame and\n iframe elements to a DOM tree when the NoScript add-on was enabled.\n Malicious HTML content could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0072)\n\n A directory traversal flaw was found in the Firefox resource:// protocol\n handler. Malicious content could cause Firefox to access arbitrary files\n accessible to the user running Firefox. (CVE-2011-0071)\n\n A double free flaw was found in the way Firefox handled\n 'application/http-index-format' documents. A malformed HTTP response could\n cause Firefox to execute arbitrary code with the privileges of the user\n running Firefox. (CVE-2011-0070)\n\n A flaw was found in the way Firefox handled certain JavaScript cross-domain\n requests. If malicious content generated a large number of cross-domain\n JavaScript reque ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.2.17~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:26:57", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1122-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-1122-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840652", "href": "http://plugins.openvas.org/nasl.php?oid=840652", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1122_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for thunderbird USN-1122-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that there was a vulnerability in the memory handling of\n certain types of content. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0081)\n\n It was discovered that Thunderbird incorrectly handled certain JavaScript\n requests. If JavaScript were enabled, an attacker could exploit this to\n possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0069)\n \n Ian Beer discovered a vulnerability in the memory handling of a certain\n types of documents. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0070)\n \n Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman\n discovered several memory vulnerabilities. An attacker could exploit these\n to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0080)\n \n Aki Helin discovered multiple vulnerabilities in the HTML rendering code.\n An attacker could exploit these to possibly run arbitrary code as the user\n running Thunderbird. (CVE-2011-0074, CVE-2011-0075)\n \n Ian Beer discovered multiple overflow vulnerabilities. An attacker could\n exploit these to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0077, CVE-2011-0078)\n \n Martin Barbella discovered a memory vulnerability in the handling of\n certain DOM elements. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0072)\n \n It was discovered that there were use-after-free vulnerabilities in\n Thunderbird's mChannel and mObserverList objects. An attacker could exploit\n these to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0065, CVE-2011-0066)\n \n It was discovered that there was a vulnerability in the handling of the\n nsTreeSelection element. An attacker sending a specially crafted E-Mail\n could exploit this to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0073)\n \n Paul Stone discovered a vulnerability in the handling of Java applets. If\n plugins were enabled, an attacker could use this to mimic interaction with\n form autocomplete controls and steal entries from the form history.\n (CVE-2011-0067)\n \n Soroush Dalili discovered a vulnerability in the resource: protocol. This\n could potentially allow an attacker to load arbitrary files that were\n accessible to the user running Thunderbird. (CVE-2011-0071)\n \n Chris Evans discovered a vulnerability in Thunderbird's XSLT generate-id()\n function. An attacker could possibly use this vulnerability to make other\n attacks more reliable. (CVE-2011-1202)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1122-1\";\ntag_affected = \"thunderbird on Ubuntu 10.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1122-1/\");\n script_id(840652);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1122-1\");\n script_cve_id(\"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0071\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for thunderbird USN-1122-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"3.1.10+build1+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"3.1.10+build1+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2011:0471 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880513", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880513", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2011:0471 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017460.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880513\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0471\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\",\n \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\",\n \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\",\n \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_name(\"CentOS Update for firefox CESA-2011:0471 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 5\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could possibly lead to arbitrary code\n execution with the privileges of the user running Firefox. (CVE-2011-0080,\n CVE-2011-0081)\n\n An arbitrary memory write flaw was found in the way Firefox handled\n out-of-memory conditions. If all memory was consumed when a user visited a\n malicious web page, it could possibly lead to arbitrary code execution\n with the privileges of the user running Firefox. (CVE-2011-0078)\n\n An integer overflow flaw was found in the way Firefox handled the HTML\n frameset tag. A web page with a frameset tag containing large values for\n the 'rows' and 'cols' attributes could trigger this flaw, possibly leading\n to arbitrary code execution with the privileges of the user running\n Firefox. (CVE-2011-0077)\n\n A flaw was found in the way Firefox handled the HTML iframe tag. A web page\n with an iframe tag containing a specially-crafted source address could\n trigger this flaw, possibly leading to arbitrary code execution with the\n privileges of the user running Firefox. (CVE-2011-0075)\n\n A flaw was found in the way Firefox displayed multiple marquee elements. A\n malformed HTML document could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0074)\n\n A flaw was found in the way Firefox handled the nsTreeSelection element.\n Malformed content could cause Firefox to execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2011-0073)\n\n A use-after-free flaw was found in the way Firefox appended frame and\n iframe elements to a DOM tree when the NoScript add-on was enabled.\n Malicious HTML content could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0072)\n\n A directory traversal flaw was found in the Firefox resource:// protocol\n handler. Malicious content could cause Firefox to access arbitrary files\n accessible to the user running Firefox. (CVE-2011-0071)\n\n A double free flaw was found in the way Firefox handled\n 'application/http-index-format' documents. A malformed HTTP response could\n cause Firefox to execute arbitrary code with the privileges of the user\n running Firefox. (CVE-2011-0070)\n\n A flaw was found in the way Firefox handled certain JavaScript cross-domain\n requests. If malicious content generated a large number of cross-domain\n JavaScript reque ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.2.17~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:25", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1122-2", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-1122-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840650", "href": "http://plugins.openvas.org/nasl.php?oid=840650", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1122_2.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for thunderbird USN-1122-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-1122-1 fixed vulnerabilities in Thunderbird for Lucid and Maverick.\n This update provides the corresponding fixes for Natty.\n\n Original advisory details:\n \n It was discovered that there was a vulnerability in the memory handling of\n certain types of content. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0081)\n \n It was discovered that Thunderbird incorrectly handled certain JavaScript\n requests. If JavaScript were enabled, an attacker could exploit this to\n possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0069)\n \n Ian Beer discovered a vulnerability in the memory handling of a certain\n types of documents. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0070)\n \n Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman\n discovered several memory vulnerabilities. An attacker could exploit these\n to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0080)\n \n Aki Helin discovered multiple vulnerabilities in the HTML rendering code.\n An attacker could exploit these to possibly run arbitrary code as the user\n running Thunderbird. (CVE-2011-0074, CVE-2011-0075)\n \n Ian Beer discovered multiple overflow vulnerabilities. An attacker could\n exploit these to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0077, CVE-2011-0078)\n \n Martin Barbella discovered a memory vulnerability in the handling of\n certain DOM elements. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0072)\n \n It was discovered that there were use-after-free vulnerabilities in\n Thunderbird's mChannel and mObserverList objects. An attacker could exploit\n these to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0065, CVE-2011-0066)\n \n It was discovered that there was a vulnerability in the handling of the\n nsTreeSelection element. An attacker sending a specially crafted E-Mail\n could exploit this to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0073)\n \n Paul Stone discovered a vulnerability in the handling of Java applets. If\n plugins were enabled, an attacker could use this to mimic interaction with\n form autocomplete controls and steal entries from the form history.\n (CVE-2011-0067)\n \n Soroush Dalili discovered a vulnerability in the resource: protocol. This\n could potentially allow an attacker to load arbitrary files that were\n accessible to the user running Thunderbird. (CV ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1122-2\";\ntag_affected = \"thunderbird on Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1122-2/\");\n script_id(840650);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1122-2\");\n script_cve_id(\"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0071\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for thunderbird USN-1122-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"3.1.10+build1+nobinonly-0ubuntu0.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:31", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1122-3", "cvss3": {}, "published": "2011-06-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-1122-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840675", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840675", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1122_3.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for thunderbird USN-1122-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1122-3/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840675\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-10 16:29:51 +0200 (Fri, 10 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1122-3\");\n script_cve_id(\"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0071\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for thunderbird USN-1122-3\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.04\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1122-3\");\n script_tag(name:\"affected\", value:\"thunderbird on Ubuntu 11.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"USN-1122-2 fixed vulnerabilities in Thunderbird on Ubuntu 11.04. A\n regression was introduced which caused Thunderbird to display an empty menu\n bar. This update fixes the problem. We apologize for the inconvenience.\n\n Original advisory details:\n\n It was discovered that there was a vulnerability in the memory handling of\n certain types of content. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0081)\n\n It was discovered that Thunderbird incorrectly handled certain JavaScript\n requests. If JavaScript were enabled, an attacker could exploit this to\n possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0069)\n\n Ian Beer discovered a vulnerability in the memory handling of a certain\n types of documents. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0070)\n\n Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman\n discovered several memory vulnerabilities. An attacker could exploit these\n to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0080)\n\n Aki Helin discovered multiple vulnerabilities in the HTML rendering code.\n An attacker could exploit these to possibly run arbitrary code as the user\n running Thunderbird. (CVE-2011-0074, CVE-2011-0075)\n\n Ian Beer discovered multiple overflow vulnerabilities. An attacker could\n exploit these to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0077, CVE-2011-0078)\n\n Martin Barbella discovered a memory vulnerability in the handling of\n certain DOM elements. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0072)\n\n It was discovered that there were use-after-free vulnerabilities in\n Thunderbird's mChannel and mObserverList objects. An attacker could exploit\n these to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0065, CVE-2011-0066)\n\n It was discovered that there was a vulnerability in the handling of the\n nsTreeSelection element. An attacker sending a specially crafted E-Mail\n could exploit this to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0073)\n\n Paul Stone discovered a vulnerability in the handling of Java applets. If\n plugins were enabled, an attacker could use this to mimic interaction with\n form autocomplete controls and steal entries from the form history.\n (CVE-2011-0067)\n\n Soroush Dalili discovered a vulnerability in the resource: protocol. This\n could potentially allow an att ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-globalmenu\", ver:\"3.1.10+build1+nobinonly-0ubuntu0.11.04.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:21", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1122-3", "cvss3": {}, "published": "2011-06-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-1122-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840675", "href": "http://plugins.openvas.org/nasl.php?oid=840675", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1122_3.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for thunderbird USN-1122-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-1122-2 fixed vulnerabilities in Thunderbird on Ubuntu 11.04. A\n regression was introduced which caused Thunderbird to display an empty menu\n bar. This update fixes the problem. We apologize for the inconvenience.\n\n Original advisory details:\n \n It was discovered that there was a vulnerability in the memory handling of\n certain types of content. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0081)\n \n It was discovered that Thunderbird incorrectly handled certain JavaScript\n requests. If JavaScript were enabled, an attacker could exploit this to\n possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0069)\n \n Ian Beer discovered a vulnerability in the memory handling of a certain\n types of documents. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0070)\n \n Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman\n discovered several memory vulnerabilities. An attacker could exploit these\n to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0080)\n \n Aki Helin discovered multiple vulnerabilities in the HTML rendering code.\n An attacker could exploit these to possibly run arbitrary code as the user\n running Thunderbird. (CVE-2011-0074, CVE-2011-0075)\n \n Ian Beer discovered multiple overflow vulnerabilities. An attacker could\n exploit these to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0077, CVE-2011-0078)\n \n Martin Barbella discovered a memory vulnerability in the handling of\n certain DOM elements. An attacker could exploit this to possibly run\n arbitrary code as the user running Thunderbird. (CVE-2011-0072)\n \n It was discovered that there were use-after-free vulnerabilities in\n Thunderbird's mChannel and mObserverList objects. An attacker could exploit\n these to possibly run arbitrary code as the user running Thunderbird.\n (CVE-2011-0065, CVE-2011-0066)\n \n It was discovered that there was a vulnerability in the handling of the\n nsTreeSelection element. An attacker sending a specially crafted E-Mail\n could exploit this to possibly run arbitrary code as the user running\n Thunderbird. (CVE-2011-0073)\n \n Paul Stone discovered a vulnerability in the handling of Java applets. If\n plugins were enabled, an attacker could use this to mimic interaction with\n form autocomplete controls and steal entries from the form history.\n (CVE-2011-0067)\n \n Soroush Dalili discovered a vulnerability in the resource: protocol. This\n could potentially allow an att ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1122-3\";\ntag_affected = \"thunderbird on Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1122-3/\");\n script_id(840675);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-10 16:29:51 +0200 (Fri, 10 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1122-3\");\n script_cve_id(\"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0071\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for thunderbird USN-1122-3\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-globalmenu\", ver:\"3.1.10+build1+nobinonly-0ubuntu0.11.04.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:54", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1112-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for firefox USN-1112-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840640", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840640", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1112_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for firefox USN-1112-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1112-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840640\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1112-1\");\n script_cve_id(\"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0071\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for firefox USN-1112-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|9\\.10|10\\.10|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1112-1\");\n script_tag(name:\"affected\", value:\"firefox on Ubuntu 10.10,\n Ubuntu 10.04 LTS,\n Ubuntu 9.10,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that there was a vulnerability in the memory handling of\n certain types of content. An attacker could exploit this to possibly run\n arbitrary code as the user running Firefox. (CVE-2011-0081)\n\n It was discovered that Firefox incorrectly handled certain JavaScript\n requests. An attacker could exploit this to possibly run arbitrary code as\n the user running Firefox. (CVE-2011-0069)\n\n Ian Beer discovered a vulnerability in the memory handling of a certain\n types of documents. An attacker could exploit this to possibly run\n arbitrary code as the user running Firefox. (CVE-2011-0070)\n\n Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman\n discovered several memory vulnerabilities. An attacker could exploit these\n to possibly run arbitrary code as the user running Firefox. (CVE-2011-0080)\n\n Aki Helin discovered multiple vulnerabilities in the HTML rendering code.\n An attacker could exploit these to possibly run arbitrary code as the user\n running Firefox. (CVE-2011-0074, CVE-2011-0075)\n\n Ian Beer discovered multiple overflow vulnerabilities. An attacker could\n exploit these to possibly run arbitrary code as the user running Firefox.\n (CVE-2011-0077, CVE-2011-0078)\n\n Martin Barbella discovered a memory vulnerability in the handling of\n certain DOM elements. An attacker could exploit this to possibly run\n arbitrary code as the user running Firefox. (CVE-2011-0072)\n\n It was discovered that there were use-after-free vulnerabilities in\n Firefox's mChannel and mObserverList objects. An attacker could exploit\n these to possibly run arbitrary code as the user running Firefox.\n (CVE-2011-0065, CVE-2011-0066)\n\n It was discovered that there was a vulnerability in the handling of the\n nsTreeSelection element. An attacker serving malicious content could\n exploit this to possibly run arbitrary code as the user running Firefox.\n (CVE-2011-0073)\n\n Paul Stone discovered a vulnerability in the handling of Java applets. An\n attacker could use this to mimic interaction with form autocomplete\n controls and steal entries from the form history. (CVE-2011-0067)\n\n Soroush Dalili discovered a vulnerability in the resource: protocol. This\n could potentially allow an attacker to load arbitrary files that were\n accessible to the user running Firefox. (CVE-2011-0071)\n\n Chris Evans discovered a vulnerability in Firefox's XSLT generate-id()\n function. An attacker could possibly use this vulnerability to make other\n attacks more reliable. (CVE-2011-1202)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.6.17+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2\", ver:\"1.9.2.17+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.6.17+build3+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2\", ver:\"1.9.2.17+build3+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.6.17+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2\", ver:\"1.9.2.17+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.6.17+build3+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2\", ver:\"1.9.2.17+build3+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:46", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2011:0471 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880561", "href": "http://plugins.openvas.org/nasl.php?oid=880561", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2011:0471 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could possibly lead to arbitrary code\n execution with the privileges of the user running Firefox. (CVE-2011-0080,\n CVE-2011-0081)\n \n An arbitrary memory write flaw was found in the way Firefox handled\n out-of-memory conditions. If all memory was consumed when a user visited a\n malicious web page, it could possibly lead to arbitrary code execution\n with the privileges of the user running Firefox. (CVE-2011-0078)\n \n An integer overflow flaw was found in the way Firefox handled the HTML\n frameset tag. A web page with a frameset tag containing large values for\n the "rows" and "cols" attributes could trigger this flaw, possibly leading\n to arbitrary code execution with the privileges of the user running\n Firefox. (CVE-2011-0077)\n \n A flaw was found in the way Firefox handled the HTML iframe tag. A web page\n with an iframe tag containing a specially-crafted source address could\n trigger this flaw, possibly leading to arbitrary code execution with the\n privileges of the user running Firefox. (CVE-2011-0075)\n \n A flaw was found in the way Firefox displayed multiple marquee elements. A\n malformed HTML document could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0074)\n \n A flaw was found in the way Firefox handled the nsTreeSelection element.\n Malformed content could cause Firefox to execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2011-0073)\n \n A use-after-free flaw was found in the way Firefox appended frame and\n iframe elements to a DOM tree when the NoScript add-on was enabled.\n Malicious HTML content could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0072)\n \n A directory traversal flaw was found in the Firefox resource:// protocol\n handler. Malicious content could cause Firefox to access arbitrary files\n accessible to the user running Firefox. (CVE-2011-0071)\n \n A double free flaw was found in the way Firefox handled\n "application/http-index-format" documents. A malformed HTTP response could\n cause Firefox to execute arbitrary code with the privileges of the user\n running Firefox. (CVE-2011-0070)\n \n A flaw was found in the way Firefox handled certain JavaScript cross-domain\n requests. If malicious content generated a large number of cross-domain\n JavaScript reque ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-April/017470.html\");\n script_id(880561);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0471\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\",\n \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\",\n \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_name(\"CentOS Update for firefox CESA-2011:0471 centos4 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~2.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2011:0471 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880561", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880561", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2011:0471 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017470.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880561\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0471\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\",\n \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\",\n \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_name(\"CentOS Update for firefox CESA-2011:0471 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 4\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could possibly lead to arbitrary code\n execution with the privileges of the user running Firefox. (CVE-2011-0080,\n CVE-2011-0081)\n\n An arbitrary memory write flaw was found in the way Firefox handled\n out-of-memory conditions. If all memory was consumed when a user visited a\n malicious web page, it could possibly lead to arbitrary code execution\n with the privileges of the user running Firefox. (CVE-2011-0078)\n\n An integer overflow flaw was found in the way Firefox handled the HTML\n frameset tag. A web page with a frameset tag containing large values for\n the 'rows' and 'cols' attributes could trigger this flaw, possibly leading\n to arbitrary code execution with the privileges of the user running\n Firefox. (CVE-2011-0077)\n\n A flaw was found in the way Firefox handled the HTML iframe tag. A web page\n with an iframe tag containing a specially-crafted source address could\n trigger this flaw, possibly leading to arbitrary code execution with the\n privileges of the user running Firefox. (CVE-2011-0075)\n\n A flaw was found in the way Firefox displayed multiple marquee elements. A\n malformed HTML document could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0074)\n\n A flaw was found in the way Firefox handled the nsTreeSelection element.\n Malformed content could cause Firefox to execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2011-0073)\n\n A use-after-free flaw was found in the way Firefox appended frame and\n iframe elements to a DOM tree when the NoScript add-on was enabled.\n Malicious HTML content could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0072)\n\n A directory traversal flaw was found in the Firefox resource:// protocol\n handler. Malicious content could cause Firefox to access arbitrary files\n accessible to the user running Firefox. (CVE-2011-0071)\n\n A double free flaw was found in the way Firefox handled\n 'application/http-index-format' documents. A malformed HTTP response could\n cause Firefox to execute arbitrary code with the privileges of the user\n running Firefox. (CVE-2011-0070)\n\n A flaw was found in the way Firefox handled certain JavaScript cross-domain\n requests. If malicious content generated a large number of cross-domain\n JavaScript reque ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~2.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:28", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2011:0471 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880513", "href": "http://plugins.openvas.org/nasl.php?oid=880513", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2011:0471 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could possibly lead to arbitrary code\n execution with the privileges of the user running Firefox. (CVE-2011-0080,\n CVE-2011-0081)\n \n An arbitrary memory write flaw was found in the way Firefox handled\n out-of-memory conditions. If all memory was consumed when a user visited a\n malicious web page, it could possibly lead to arbitrary code execution\n with the privileges of the user running Firefox. (CVE-2011-0078)\n \n An integer overflow flaw was found in the way Firefox handled the HTML\n frameset tag. A web page with a frameset tag containing large values for\n the "rows" and "cols" attributes could trigger this flaw, possibly leading\n to arbitrary code execution with the privileges of the user running\n Firefox. (CVE-2011-0077)\n \n A flaw was found in the way Firefox handled the HTML iframe tag. A web page\n with an iframe tag containing a specially-crafted source address could\n trigger this flaw, possibly leading to arbitrary code execution with the\n privileges of the user running Firefox. (CVE-2011-0075)\n \n A flaw was found in the way Firefox displayed multiple marquee elements. A\n malformed HTML document could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0074)\n \n A flaw was found in the way Firefox handled the nsTreeSelection element.\n Malformed content could cause Firefox to execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2011-0073)\n \n A use-after-free flaw was found in the way Firefox appended frame and\n iframe elements to a DOM tree when the NoScript add-on was enabled.\n Malicious HTML content could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0072)\n \n A directory traversal flaw was found in the Firefox resource:// protocol\n handler. Malicious content could cause Firefox to access arbitrary files\n accessible to the user running Firefox. (CVE-2011-0071)\n \n A double free flaw was found in the way Firefox handled\n "application/http-index-format" documents. A malformed HTTP response could\n cause Firefox to execute arbitrary code with the privileges of the user\n running Firefox. (CVE-2011-0070)\n \n A flaw was found in the way Firefox handled certain JavaScript cross-domain\n requests. If malicious content generated a large number of cross-domain\n JavaScript reque ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-April/017460.html\");\n script_id(880513);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0471\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\",\n \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\",\n \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\",\n \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_name(\"CentOS Update for firefox CESA-2011:0471 centos5 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.2.17~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2011:0471 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881393", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881393", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2011:0471 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017471.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881393\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:41:20 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\",\n \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\",\n \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\",\n \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0471\");\n script_name(\"CentOS Update for firefox CESA-2011:0471 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could possibly lead to arbitrary code\n execution with the privileges of the user running Firefox. (CVE-2011-0080,\n CVE-2011-0081)\n\n An arbitrary memory write flaw was found in the way Firefox handled\n out-of-memory conditions. If all memory was consumed when a user visited a\n malicious web page, it could possibly lead to arbitrary code execution\n with the privileges of the user running Firefox. (CVE-2011-0078)\n\n An integer overflow flaw was found in the way Firefox handled the HTML\n frameset tag. A web page with a frameset tag containing large values for\n the 'rows' and 'cols' attributes could trigger this flaw, possibly leading\n to arbitrary code execution with the privileges of the user running\n Firefox. (CVE-2011-0077)\n\n A flaw was found in the way Firefox handled the HTML iframe tag. A web page\n with an iframe tag containing a specially-crafted source address could\n trigger this flaw, possibly leading to arbitrary code execution with the\n privileges of the user running Firefox. (CVE-2011-0075)\n\n A flaw was found in the way Firefox displayed multiple marquee elements. A\n malformed HTML document could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0074)\n\n A flaw was found in the way Firefox handled the nsTreeSelection element.\n Malformed content could cause Firefox to execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2011-0073)\n\n A use-after-free flaw was found in the way Firefox appended frame and\n iframe elements to a DOM tree when the NoScript add-on was enabled.\n Malicious HTML content could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0072)\n\n A directory traversal flaw was found in the Firefox resource:// protocol\n handler. Malicious content could cause Firefox to access arbitrary files\n accessible to the user running Firefox. (CVE-2011-0071)\n\n A double free flaw was found in the way Firefox handled\n 'application/http-index-format' documents. A malformed HTTP response could\n cause Firefox to execute arbitrary code with the privileges of the user\n running Firefox. (CVE-2011-0070)\n\n A flaw was found in the way Firefox handled certain JavaScript cross-domain\n requests. If malicious content generated a large number of cross-domain\n JavaScript reque ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~2.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:22", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1112-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for firefox USN-1112-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840640", "href": "http://plugins.openvas.org/nasl.php?oid=840640", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1112_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for firefox USN-1112-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that there was a vulnerability in the memory handling of\n certain types of content. An attacker could exploit this to possibly run\n arbitrary code as the user running Firefox. (CVE-2011-0081)\n\n It was discovered that Firefox incorrectly handled certain JavaScript\n requests. An attacker could exploit this to possibly run arbitrary code as\n the user running Firefox. (CVE-2011-0069)\n \n Ian Beer discovered a vulnerability in the memory handling of a certain\n types of documents. An attacker could exploit this to possibly run\n arbitrary code as the user running Firefox. (CVE-2011-0070)\n \n Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman\n discovered several memory vulnerabilities. An attacker could exploit these\n to possibly run arbitrary code as the user running Firefox. (CVE-2011-0080)\n \n Aki Helin discovered multiple vulnerabilities in the HTML rendering code.\n An attacker could exploit these to possibly run arbitrary code as the user\n running Firefox. (CVE-2011-0074, CVE-2011-0075)\n \n Ian Beer discovered multiple overflow vulnerabilities. An attacker could\n exploit these to possibly run arbitrary code as the user running Firefox.\n (CVE-2011-0077, CVE-2011-0078)\n \n Martin Barbella discovered a memory vulnerability in the handling of\n certain DOM elements. An attacker could exploit this to possibly run\n arbitrary code as the user running Firefox. (CVE-2011-0072)\n \n It was discovered that there were use-after-free vulnerabilities in\n Firefox's mChannel and mObserverList objects. An attacker could exploit\n these to possibly run arbitrary code as the user running Firefox.\n (CVE-2011-0065, CVE-2011-0066)\n \n It was discovered that there was a vulnerability in the handling of the\n nsTreeSelection element. An attacker serving malicious content could\n exploit this to possibly run arbitrary code as the user running Firefox.\n (CVE-2011-0073)\n \n Paul Stone discovered a vulnerability in the handling of Java applets. An\n attacker could use this to mimic interaction with form autocomplete\n controls and steal entries from the form history. (CVE-2011-0067)\n \n Soroush Dalili discovered a vulnerability in the resource: protocol. This\n could potentially allow an attacker to load arbitrary files that were\n accessible to the user running Firefox. (CVE-2011-0071)\n \n Chris Evans discovered a vulnerability in Firefox's XSLT generate-id()\n function. An attacker could possibly use this vulnerability to make other\n attacks more reliable. (CVE-2011-1202)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1112-1\";\ntag_affected = \"firefox on Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 9.10 ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1112-1/\");\n script_id(840640);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1112-1\");\n script_cve_id(\"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0071\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for firefox USN-1112-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n \n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.6.17+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2\", ver:\"1.9.2.17+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.6.17+build3+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2\", ver:\"1.9.2.17+build3+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.6.17+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2\", ver:\"1.9.2.17+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.6.17+build3+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2\", ver:\"1.9.2.17+build3+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "RedHat Update for firefox RHSA-2011:0471-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870425", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870425", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2011:0471-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-April/msg00025.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870425\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0471-01\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_name(\"RedHat Update for firefox RHSA-2011:0471-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(5|4)\");\n script_tag(name:\"affected\", value:\"firefox on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could possibly lead to arbitrary code\n execution with the privileges of the user running Firefox. (CVE-2011-0080,\n CVE-2011-0081)\n\n An arbitrary memory write flaw was found in the way Firefox handled\n out-of-memory conditions. If all memory was consumed when a user visited a\n malicious web page, it could possibly lead to arbitrary code execution\n with the privileges of the user running Firefox. (CVE-2011-0078)\n\n An integer overflow flaw was found in the way Firefox handled the HTML\n frameset tag. A web page with a frameset tag containing large values for\n the 'rows' and 'cols' attributes could trigger this flaw, possibly leading\n to arbitrary code execution with the privileges of the user running\n Firefox. (CVE-2011-0077)\n\n A flaw was found in the way Firefox handled the HTML iframe tag. A web page\n with an iframe tag containing a specially-crafted source address could\n trigger this flaw, possibly leading to arbitrary code execution with the\n privileges of the user running Firefox. (CVE-2011-0075)\n\n A flaw was found in the way Firefox displayed multiple marquee elements. A\n malformed HTML document could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0074)\n\n A flaw was found in the way Firefox handled the nsTreeSelection element.\n Malformed content could cause Firefox to execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2011-0073)\n\n A use-after-free flaw was found in the way Firefox appended frame and\n iframe elements to a DOM tree when the NoScript add-on was enabled.\n Malicious HTML content could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0072)\n\n A directory traversal flaw was found in the Firefox resource:// protocol\n handler. Malicious content could cause Firefox to access arbitrary files\n accessible to the user running Firefox. (CVE-2011-0071)\n\n A double free flaw was found in the way Firefox handled\n 'application/http-index-format' documents. A malformed HTTP response could\n cause Firefox to execute arbitrary code with the privileges of the user\n running Firefox. (CVE-2011-0070)\n\n A flaw was foun ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~1.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~3.6.17~1.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~3.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~1.9.2.17~3.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.2.17~3.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~3.6.17~2.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-11T11:06:56", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2011:0471 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:881346", "href": "http://plugins.openvas.org/nasl.php?oid=881346", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2011:0471 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could possibly lead to arbitrary code\n execution with the privileges of the user running Firefox. (CVE-2011-0080,\n CVE-2011-0081)\n \n An arbitrary memory write flaw was found in the way Firefox handled\n out-of-memory conditions. If all memory was consumed when a user visited a\n malicious web page, it could possibly lead to arbitrary code execution\n with the privileges of the user running Firefox. (CVE-2011-0078)\n \n An integer overflow flaw was found in the way Firefox handled the HTML\n frameset tag. A web page with a frameset tag containing large values for\n the "rows" and "cols" attributes could trigger this flaw, possibly leading\n to arbitrary code execution with the privileges of the user running\n Firefox. (CVE-2011-0077)\n \n A flaw was found in the way Firefox handled the HTML iframe tag. A web page\n with an iframe tag containing a specially-crafted source address could\n trigger this flaw, possibly leading to arbitrary code execution with the\n privileges of the user running Firefox. (CVE-2011-0075)\n \n A flaw was found in the way Firefox displayed multiple marquee elements. A\n malformed HTML document could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0074)\n \n A flaw was found in the way Firefox handled the nsTreeSelection element.\n Malformed content could cause Firefox to execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2011-0073)\n \n A use-after-free flaw was found in the way Firefox appended frame and\n iframe elements to a DOM tree when the NoScript add-on was enabled.\n Malicious HTML content could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0072)\n \n A directory traversal flaw was found in the Firefox resource:// protocol\n handler. Malicious content could cause Firefox to access arbitrary files\n accessible to the user running Firefox. (CVE-2011-0071)\n \n A double free flaw was found in the way Firefox handled\n "application/http-index-format" documents. A malformed HTTP response could\n cause Firefox to execute arbitrary code with the privileges of the user\n running Firefox. (CVE-2011-0070)\n \n A flaw was found in the way Firefox handled certain JavaScript cross-domain\n requests. If malicious content generated a large number of cross-domain\n JavaScript reque ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-April/017461.html\");\n script_id(881346);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:30:49 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\",\n \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\",\n \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\",\n \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0471\");\n script_name(\"CentOS Update for firefox CESA-2011:0471 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.2.17~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:56:29", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2011:0471 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:881393", "href": "http://plugins.openvas.org/nasl.php?oid=881393", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2011:0471 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could possibly lead to arbitrary code\n execution with the privileges of the user running Firefox. (CVE-2011-0080,\n CVE-2011-0081)\n \n An arbitrary memory write flaw was found in the way Firefox handled\n out-of-memory conditions. If all memory was consumed when a user visited a\n malicious web page, it could possibly lead to arbitrary code execution\n with the privileges of the user running Firefox. (CVE-2011-0078)\n \n An integer overflow flaw was found in the way Firefox handled the HTML\n frameset tag. A web page with a frameset tag containing large values for\n the "rows" and "cols" attributes could trigger this flaw, possibly leading\n to arbitrary code execution with the privileges of the user running\n Firefox. (CVE-2011-0077)\n \n A flaw was found in the way Firefox handled the HTML iframe tag. A web page\n with an iframe tag containing a specially-crafted source address could\n trigger this flaw, possibly leading to arbitrary code execution with the\n privileges of the user running Firefox. (CVE-2011-0075)\n \n A flaw was found in the way Firefox displayed multiple marquee elements. A\n malformed HTML document could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0074)\n \n A flaw was found in the way Firefox handled the nsTreeSelection element.\n Malformed content could cause Firefox to execute arbitrary code with the\n privileges of the user running Firefox. (CVE-2011-0073)\n \n A use-after-free flaw was found in the way Firefox appended frame and\n iframe elements to a DOM tree when the NoScript add-on was enabled.\n Malicious HTML content could cause Firefox to execute arbitrary code with\n the privileges of the user running Firefox. (CVE-2011-0072)\n \n A directory traversal flaw was found in the Firefox resource:// protocol\n handler. Malicious content could cause Firefox to access arbitrary files\n accessible to the user running Firefox. (CVE-2011-0071)\n \n A double free flaw was found in the way Firefox handled\n "application/http-index-format" documents. A malformed HTTP response could\n cause Firefox to execute arbitrary code with the privileges of the user\n running Firefox. (CVE-2011-0070)\n \n A flaw was found in the way Firefox handled certain JavaScript cross-domain\n requests. If malicious content generated a large number of cross-domain\n JavaScript reque ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"firefox on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-April/017471.html\");\n script_id(881393);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:41:20 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\",\n \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\",\n \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\",\n \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0471\");\n script_name(\"CentOS Update for firefox CESA-2011:0471 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~2.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:26", "description": "Oracle Linux Local Security Checks ELSA-2011-0471", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0471", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122186", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122186", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0471.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122186\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:14:29 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0471\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0471 - firefox security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0471\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0471.html\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~1.0.1.el5_6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~3.0.1.el5_6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.2.17~3.0.1.el5_6\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~1.0.1.el6_0\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~4.0.1.el6_0\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.2.17~4.0.1.el6_0\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "Mandriva Update for firefox MDVSA-2011:079 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0076", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310831384", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831384", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for firefox MDVSA-2011:079 (firefox)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-04/msg00028.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831384\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2011:079\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-0071\", \"CVE-2011-0076\", \"CVE-2011-0067\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\");\n script_name(\"Mandriva Update for firefox MDVSA-2011:079 (firefox)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2010\\.0|2009\\.0)\");\n script_tag(name:\"affected\", value:\"firefox on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"Chris Evans of the Chrome Security Team reported that the XSLT\n generate-id() function returned a string that revealed a specific valid\n address of an object on the memory heap. It is possible that in some\n cases this address would be valuable information that could be used\n by an attacker while exploiting a different memory corruption but,\n in order to make an exploit more reliable or work around mitigation\n features in the browser or operating system (CVE-2011-1202).\n\n Security researcher Soroush Dalili reported that the resource:\n protocol could be exploited to allow directory traversal on\n Windows and the potential loading of resources from non-permitted\n locations. The impact would depend on whether interesting files\n existed in predictable locations in a useful format. For example,\n the existence or non-existence of particular images might indicate\n whether certain software was installed (CVE-2011-0071).\n\n David Remahl of Apple Product Security reported that the Java Embedding\n Plugin (JEP) shipped with the Mac OS X versions of Firefox could be\n exploited to obtain elevated access to resources on a user's system\n (CVE-2011-0076).\n\n Security researcher Paul Stone reported that a Java applet could be\n used to mimic interaction with form autocomplete controls and steal\n entries from the form history (CVE-2011-0067).\n\n Security researcher regenrecht reported several dangling pointer\n vulnerabilities via TippingPoint's Zero Day Initiative (CVE-2011-0065,\n CVE-2011-0066, CVE-2011-0073).\n\n Mozilla developers identified and fixed several memory safety\n bugs in the browser engine used in Firefox and other Mozilla-based\n products. Some of these bugs showed evidence of memory corruption under\n certain circumstances, and we presume that with enough effort at least\n some of these could be exploited to run arbitrary code (CVE-2011-0081,\n CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074,\n CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072).\n\n Additionally the sqlite3 packages were upgraded to the 3.7.6.2\n version. A new package that provides /usr/bin/lemon was added. The\n lemon software was previousely provided with sqlite3 and is used in\n some cases when building php.\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Additionally, some packages which require so, have been rebuilt and\n are being provided as updates.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.4~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3_0\", rpm:\"libsqlite3_0~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-devel\", rpm:\"libsqlite3-devel~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-static-devel\", rpm:\"libsqlite3-static-devel~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.17\", rpm:\"libxulrunner1.9.2.17~1.9.2.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3-tools\", rpm:\"sqlite3-tools~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.24.0~3.28mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3\", rpm:\"sqlite3~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3_0\", rpm:\"lib64sqlite3_0~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-devel\", rpm:\"lib64sqlite3-devel~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-static-devel\", rpm:\"lib64sqlite3-static-devel~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.17\", rpm:\"lib64xulrunner1.9.2.17~1.9.2.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.804~13.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~1.0.1~2.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-r-kiosk\", rpm:\"firefox-ext-r-kiosk~0.8.1~2.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.5.2~2.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-weave-sync\", rpm:\"firefox-ext-weave-sync~1.1~5.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-xmarks\", rpm:\"firefox-ext-xmarks~3.6.14~2.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gjs\", rpm:\"gjs~0.6~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.4~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgjs0\", rpm:\"libgjs0~0.6~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgjs-devel\", rpm:\"libgjs-devel~0.6~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3_0\", rpm:\"libsqlite3_0~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-devel\", rpm:\"libsqlite3-devel~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-static-devel\", rpm:\"libsqlite3-static-devel~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.17\", rpm:\"libxulrunner1.9.2.17~1.9.2.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3-tools\", rpm:\"sqlite3-tools~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.30.1~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3\", rpm:\"sqlite3~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gjs0\", rpm:\"lib64gjs0~0.6~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gjs-devel\", rpm:\"lib64gjs-devel~0.6~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3_0\", rpm:\"lib64sqlite3_0~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-devel\", rpm:\"lib64sqlite3-devel~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-static-devel\", rpm:\"lib64sqlite3-static-devel~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.17\", rpm:\"lib64xulrunner1.9.2.17~1.9.2.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.804~6.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~1.0~6.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-plasmanotify\", rpm:\"firefox-ext-plasmanotify~0.3.1~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-r-kiosk\", rpm:\"firefox-ext-r-kiosk~0.7.2~9.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.5.1~0.13mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-theme-kfirefox\", rpm:\"firefox-theme-kfirefox~0.16~7.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-common\", rpm:\"google-gadgets-common~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-gtk\", rpm:\"google-gadgets-gtk~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-qt\", rpm:\"google-gadgets-qt~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget1.0_0\", rpm:\"libggadget1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-dbus1.0_0\", rpm:\"libggadget-dbus1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-gtk1.0_0\", rpm:\"libggadget-gtk1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-js1.0_0\", rpm:\"libggadget-js1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-npapi1.0_0\", rpm:\"libggadget-npapi1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-qt1.0_0\", rpm:\"libggadget-qt1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-webkitjs0\", rpm:\"libggadget-webkitjs0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-xdg1.0_0\", rpm:\"libggadget-xdg1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgoogle-gadgets-devel\", rpm:\"libgoogle-gadgets-devel~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopensc-devel\", rpm:\"libopensc-devel~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3_0\", rpm:\"libsqlite3_0~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-devel\", rpm:\"libsqlite3-devel~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-static-devel\", rpm:\"libsqlite3-static-devel~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.17\", rpm:\"libxulrunner1.9.2.17~1.9.2.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-plugin-opensc\", rpm:\"mozilla-plugin-opensc~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3-tools\", rpm:\"sqlite3-tools~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.28.0~1.21mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets\", rpm:\"google-gadgets~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3\", rpm:\"sqlite3~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget1.0_0\", rpm:\"lib64ggadget1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-dbus1.0_0\", rpm:\"lib64ggadget-dbus1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-gtk1.0_0\", rpm:\"lib64ggadget-gtk1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-js1.0_0\", rpm:\"lib64ggadget-js1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-npapi1.0_0\", rpm:\"lib64ggadget-npapi1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-qt1.0_0\", rpm:\"lib64ggadget-qt1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-webkitjs0\", rpm:\"lib64ggadget-webkitjs0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-xdg1.0_0\", rpm:\"lib64ggadget-xdg1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64google-gadgets-devel\", rpm:\"lib64google-gadgets-devel~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opensc2\", rpm:\"lib64opensc2~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opensc-devel\", rpm:\"lib64opensc-devel~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3_0\", rpm:\"lib64sqlite3_0~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-devel\", rpm:\"lib64sqlite3-devel~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-static-devel\", rpm:\"lib64sqlite3-static-devel~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.17\", rpm:\"lib64xulrunner1.9.2.17~1.9.2.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.24.3~0.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.24.3~0.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.804~0.13mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~1.0~0.13mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.5.1~0.13mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-xmarks\", rpm:\"firefox-ext-xmarks~3.5.10~0.13mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-theme-kfirefox\", rpm:\"firefox-theme-kfirefox~0.16~0.13mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1-devel\", rpm:\"libdevhelp-1-devel~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3_0\", rpm:\"libsqlite3_0~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-devel\", rpm:\"libsqlite3-devel~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-static-devel\", rpm:\"libsqlite3-static-devel~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.17\", rpm:\"libxulrunner1.9.2.17~1.9.2.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3-tools\", rpm:\"sqlite3-tools~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.24.0~3.28mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3\", rpm:\"sqlite3~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1-devel\", rpm:\"lib64devhelp-1-devel~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3_0\", rpm:\"lib64sqlite3_0~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-devel\", rpm:\"lib64sqlite3-devel~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-static-devel\", rpm:\"lib64sqlite3-static-devel~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.17\", rpm:\"lib64xulrunner1.9.2.17~1.9.2.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:26", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "openvas", "title": "Mandriva Update for firefox MDVSA-2011:079 (firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0076", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831384", "href": "http://plugins.openvas.org/nasl.php?oid=831384", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for firefox MDVSA-2011:079 (firefox)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Chris Evans of the Chrome Security Team reported that the XSLT\n generate-id() function returned a string that revealed a specific valid\n address of an object on the memory heap. It is possible that in some\n cases this address would be valuable information that could be used\n by an attacker while exploiting a different memory corruption but,\n in order to make an exploit more reliable or work around mitigation\n features in the browser or operating system (CVE-2011-1202).\n\n Security researcher Soroush Dalili reported that the resource:\n protocol could be exploited to allow directory traversal on\n Windows and the potential loading of resources from non-permitted\n locations. The impact would depend on whether interesting files\n existed in predictable locations in a useful format. For example,\n the existence or non-existence of particular images might indicate\n whether certain software was installed (CVE-2011-0071).\n \n David Remahl of Apple Product Security reported that the Java Embedding\n Plugin (JEP) shipped with the Mac OS X versions of Firefox could be\n exploited to obtain elevated access to resources on a user&#039;s system\n (CVE-2011-0076).\n \n Security researcher Paul Stone reported that a Java applet could be\n used to mimic interaction with form autocomplete controls and steal\n entries from the form history (CVE-2011-0067).\n \n Security researcher regenrecht reported several dangling pointer\n vulnerabilities via TippingPoint&#039;s Zero Day Initiative (CVE-2011-0065,\n CVE-2011-0066, CVE-2011-0073).\n \n Mozilla developers identified and fixed several memory safety\n bugs in the browser engine used in Firefox and other Mozilla-based\n products. Some of these bugs showed evidence of memory corruption under\n certain circumstances, and we presume that with enough effort at least\n some of these could be exploited to run arbitrary code (CVE-2011-0081,\n CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074,\n CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072).\n \n Additionally the sqlite3 packages were upgraded to the 3.7.6.2\n version. A new package that provides /usr/bin/lemon was added. The\n lemon software was previousely provided with sqlite3 and is used in\n some cases when building php.\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n Additionally, some packages which require so, have been rebuilt and\n are being provided as updates.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-04/msg00028.php\");\n script_id(831384);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-05 07:14:22 +0200 (Thu, 05 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2011:079\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-0071\", \"CVE-2011-0076\", \"CVE-2011-0067\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0081\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\");\n script_name(\"Mandriva Update for firefox MDVSA-2011:079 (firefox)\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~20.27mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.4~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3_0\", rpm:\"libsqlite3_0~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-devel\", rpm:\"libsqlite3-devel~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-static-devel\", rpm:\"libsqlite3-static-devel~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.17\", rpm:\"libxulrunner1.9.2.17~1.9.2.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3-tools\", rpm:\"sqlite3-tools~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.24.0~3.28mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3\", rpm:\"sqlite3~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3_0\", rpm:\"lib64sqlite3_0~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-devel\", rpm:\"lib64sqlite3-devel~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-static-devel\", rpm:\"lib64sqlite3-static-devel~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.17\", rpm:\"lib64xulrunner1.9.2.17~1.9.2.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.17~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.804~13.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~1.0.1~2.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-r-kiosk\", rpm:\"firefox-ext-r-kiosk~0.8.1~2.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.5.2~2.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-weave-sync\", rpm:\"firefox-ext-weave-sync~1.1~5.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-xmarks\", rpm:\"firefox-ext-xmarks~3.6.14~2.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gjs\", rpm:\"gjs~0.6~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.25.3~18.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.4~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgjs0\", rpm:\"libgjs0~0.6~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgjs-devel\", rpm:\"libgjs-devel~0.6~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3_0\", rpm:\"libsqlite3_0~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-devel\", rpm:\"libsqlite3-devel~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-static-devel\", rpm:\"libsqlite3-static-devel~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.17\", rpm:\"libxulrunner1.9.2.17~1.9.2.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~40.14mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3-tools\", rpm:\"sqlite3-tools~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.30.1~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3\", rpm:\"sqlite3~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gjs0\", rpm:\"lib64gjs0~0.6~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64gjs-devel\", rpm:\"lib64gjs-devel~0.6~4.11mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3_0\", rpm:\"lib64sqlite3_0~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-devel\", rpm:\"lib64sqlite3-devel~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-static-devel\", rpm:\"lib64sqlite3-static-devel~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.17\", rpm:\"lib64xulrunner1.9.2.17~1.9.2.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.17~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.804~6.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~1.0~6.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-plasmanotify\", rpm:\"firefox-ext-plasmanotify~0.3.1~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-r-kiosk\", rpm:\"firefox-ext-r-kiosk~0.7.2~9.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.5.1~0.13mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-theme-kfirefox\", rpm:\"firefox-theme-kfirefox~0.16~7.18mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.25.3~10.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-common\", rpm:\"google-gadgets-common~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-gtk\", rpm:\"google-gadgets-gtk~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets-qt\", rpm:\"google-gadgets-qt~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.4~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget1.0_0\", rpm:\"libggadget1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-dbus1.0_0\", rpm:\"libggadget-dbus1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-gtk1.0_0\", rpm:\"libggadget-gtk1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-js1.0_0\", rpm:\"libggadget-js1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-npapi1.0_0\", rpm:\"libggadget-npapi1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-qt1.0_0\", rpm:\"libggadget-qt1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-webkitjs0\", rpm:\"libggadget-webkitjs0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libggadget-xdg1.0_0\", rpm:\"libggadget-xdg1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libgoogle-gadgets-devel\", rpm:\"libgoogle-gadgets-devel~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopensc2\", rpm:\"libopensc2~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopensc-devel\", rpm:\"libopensc-devel~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3_0\", rpm:\"libsqlite3_0~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-devel\", rpm:\"libsqlite3-devel~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-static-devel\", rpm:\"libsqlite3-static-devel~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.17\", rpm:\"libxulrunner1.9.2.17~1.9.2.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-plugin-opensc\", rpm:\"mozilla-plugin-opensc~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.9~20.24mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opensc\", rpm:\"opensc~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3-tools\", rpm:\"sqlite3-tools~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.28.0~1.21mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"google-gadgets\", rpm:\"google-gadgets~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3\", rpm:\"sqlite3~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget1.0_0\", rpm:\"lib64ggadget1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-dbus1.0_0\", rpm:\"lib64ggadget-dbus1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-gtk1.0_0\", rpm:\"lib64ggadget-gtk1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-js1.0_0\", rpm:\"lib64ggadget-js1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-npapi1.0_0\", rpm:\"lib64ggadget-npapi1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-qt1.0_0\", rpm:\"lib64ggadget-qt1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-webkitjs0\", rpm:\"lib64ggadget-webkitjs0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ggadget-xdg1.0_0\", rpm:\"lib64ggadget-xdg1.0_0~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64google-gadgets-devel\", rpm:\"lib64google-gadgets-devel~0.11.2~0.14mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opensc2\", rpm:\"lib64opensc2~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opensc-devel\", rpm:\"lib64opensc-devel~0.11.9~1.19mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3_0\", rpm:\"lib64sqlite3_0~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-devel\", rpm:\"lib64sqlite3-devel~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-static-devel\", rpm:\"lib64sqlite3-static-devel~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.17\", rpm:\"lib64xulrunner1.9.2.17~1.9.2.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.17~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"beagle\", rpm:\"beagle~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-crawl-system\", rpm:\"beagle-crawl-system~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-doc\", rpm:\"beagle-doc~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-epiphany\", rpm:\"beagle-epiphany~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-evolution\", rpm:\"beagle-evolution~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui\", rpm:\"beagle-gui~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-gui-qt\", rpm:\"beagle-gui-qt~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"beagle-libs\", rpm:\"beagle-libs~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.24.3~0.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.24.3~0.14mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-af\", rpm:\"firefox-af~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ar\", rpm:\"firefox-ar~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-be\", rpm:\"firefox-be~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bg\", rpm:\"firefox-bg~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-bn\", rpm:\"firefox-bn~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ca\", rpm:\"firefox-ca~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cs\", rpm:\"firefox-cs~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-cy\", rpm:\"firefox-cy~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-da\", rpm:\"firefox-da~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-de\", rpm:\"firefox-de~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-el\", rpm:\"firefox-el~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-en_GB\", rpm:\"firefox-en_GB~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eo\", rpm:\"firefox-eo~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_AR\", rpm:\"firefox-es_AR~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-es_ES\", rpm:\"firefox-es_ES~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-et\", rpm:\"firefox-et~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-eu\", rpm:\"firefox-eu~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-beagle\", rpm:\"firefox-ext-beagle~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-blogrovr\", rpm:\"firefox-ext-blogrovr~1.1.804~0.13mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-mozvoikko\", rpm:\"firefox-ext-mozvoikko~1.0~0.13mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-scribefire\", rpm:\"firefox-ext-scribefire~3.5.1~0.13mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ext-xmarks\", rpm:\"firefox-ext-xmarks~3.5.10~0.13mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fi\", rpm:\"firefox-fi~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fr\", rpm:\"firefox-fr~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-fy\", rpm:\"firefox-fy~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ga_IE\", rpm:\"firefox-ga_IE~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gl\", rpm:\"firefox-gl~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-gu_IN\", rpm:\"firefox-gu_IN~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-he\", rpm:\"firefox-he~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hi\", rpm:\"firefox-hi~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-hu\", rpm:\"firefox-hu~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-id\", rpm:\"firefox-id~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-is\", rpm:\"firefox-is~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-it\", rpm:\"firefox-it~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ja\", rpm:\"firefox-ja~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ka\", rpm:\"firefox-ka~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-kn\", rpm:\"firefox-kn~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ko\", rpm:\"firefox-ko~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ku\", rpm:\"firefox-ku~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lt\", rpm:\"firefox-lt~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-lv\", rpm:\"firefox-lv~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mk\", rpm:\"firefox-mk~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-mr\", rpm:\"firefox-mr~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nb_NO\", rpm:\"firefox-nb_NO~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nl\", rpm:\"firefox-nl~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-nn_NO\", rpm:\"firefox-nn_NO~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-oc\", rpm:\"firefox-oc~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pa_IN\", rpm:\"firefox-pa_IN~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pl\", rpm:\"firefox-pl~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_BR\", rpm:\"firefox-pt_BR~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-pt_PT\", rpm:\"firefox-pt_PT~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ro\", rpm:\"firefox-ro~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-ru\", rpm:\"firefox-ru~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-si\", rpm:\"firefox-si~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sk\", rpm:\"firefox-sk~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sl\", rpm:\"firefox-sl~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sq\", rpm:\"firefox-sq~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sr\", rpm:\"firefox-sr~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-sv_SE\", rpm:\"firefox-sv_SE~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-te\", rpm:\"firefox-te~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-th\", rpm:\"firefox-th~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-theme-kfirefox\", rpm:\"firefox-theme-kfirefox~0.16~0.13mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-tr\", rpm:\"firefox-tr~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-uk\", rpm:\"firefox-uk~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_CN\", rpm:\"firefox-zh_CN~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-zh_TW\", rpm:\"firefox-zh_TW~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~20.27mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lemon\", rpm:\"lemon~3.7.4~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1-devel\", rpm:\"libdevhelp-1-devel~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3_0\", rpm:\"libsqlite3_0~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-devel\", rpm:\"libsqlite3-devel~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libsqlite3-static-devel\", rpm:\"libsqlite3-static-devel~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner1.9.2.17\", rpm:\"libxulrunner1.9.2.17~1.9.2.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxulrunner-devel\", rpm:\"libxulrunner-devel~1.9.2.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-beagle\", rpm:\"mozilla-thunderbird-beagle~0.3.8~13.36mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3-tools\", rpm:\"sqlite3-tools~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.24.0~3.28mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-l10n\", rpm:\"firefox-l10n~3.6.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"sqlite3\", rpm:\"sqlite3~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1-devel\", rpm:\"lib64devhelp-1-devel~0.21~3.25mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3_0\", rpm:\"lib64sqlite3_0~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-devel\", rpm:\"lib64sqlite3-devel~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64sqlite3-static-devel\", rpm:\"lib64sqlite3-static-devel~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner1.9.2.17\", rpm:\"lib64xulrunner1.9.2.17~1.9.2.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xulrunner-devel\", rpm:\"lib64xulrunner-devel~1.9.2.17~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:55:28", "description": "Check for the Version of tcl-sqlite3", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Mandriva Update for tcl-sqlite3 MDVA-2011:019 (tcl-sqlite3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0076", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831387", "href": "http://plugins.openvas.org/nasl.php?oid=831387", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for tcl-sqlite3 MDVA-2011:019 (tcl-sqlite3)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"tcl-sqlite3 on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_insight = \"The TCL extension for sqlite3 was not provided with the the\n MDVSA-2011:079 advisory. This advisory addresses the problem and\n provides the missing packages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-05/msg00003.php\");\n script_id(831387);\n script_cve_id(\"CVE-2011-0065\",\"CVE-2011-0066\",\"CVE-2011-0067\",\"CVE-2011-0069\",\"CVE-2011-0070\",\"CVE-2011-0071\",\"CVE-2011-0072\",\"CVE-2011-0073\",\"CVE-2011-0074\",\"CVE-2011-0075\",\"CVE-2011-0076\",\"CVE-2011-0077\",\"CVE-2011-0078\",\"CVE-2011-0080\",\"CVE-2011-0081\",\"CVE-2011-1202\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_xref(name: \"MDVA\", value: \"2011:019\");\n script_name(\"Mandriva Update for tcl-sqlite3 MDVA-2011:019 (tcl-sqlite3)\");\n\n script_summary(\"Check for the Version of tcl-sqlite3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcl-sqlite3\", rpm:\"tcl-sqlite3~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcl-sqlite3\", rpm:\"tcl-sqlite3~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcl-sqlite3\", rpm:\"tcl-sqlite3~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcl-sqlite3\", rpm:\"tcl-sqlite3~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Mandriva Update for tcl-sqlite3 MDVA-2011:019 (tcl-sqlite3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0076", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831387", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831387", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for tcl-sqlite3 MDVA-2011:019 (tcl-sqlite3)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-05/msg00003.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831387\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0076\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_xref(name:\"MDVA\", value:\"2011:019\");\n script_name(\"Mandriva Update for tcl-sqlite3 MDVA-2011:019 (tcl-sqlite3)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcl-sqlite3'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2010\\.0|2009\\.0)\");\n script_tag(name:\"affected\", value:\"tcl-sqlite3 on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"The TCL extension for sqlite3 was not provided with the the\n MDVSA-2011:079 advisory. This advisory addresses the problem and\n provides the missing packages.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcl-sqlite3\", rpm:\"tcl-sqlite3~3.7.6.2~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcl-sqlite3\", rpm:\"tcl-sqlite3~3.7.6.2~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcl-sqlite3\", rpm:\"tcl-sqlite3~3.7.6.2~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcl-sqlite3\", rpm:\"tcl-sqlite3~3.7.6.2~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:36", "description": "The remote host is missing an update to icedove\nannounced via advisory DSA 2235-1.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2235-1 (icedove)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231069731", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069731", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2235_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2235-1 (icedove)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69731\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 2235-1 (icedove)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202235-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in Icedove, an unbranded\nversion of the Thunderbird mail/news client.\n\nCVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081\n\nScoobidiver, Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo,\nMats Palmgren, Jesse Ruderman, Aki Kelin and Martin Barbella\ndiscovered memory corruption bugs, which may lead to the execution\nof arbitrary code.\n\nCVE-2011-0065 CVE-2011-0066 CVE-2011-0073\n\nregenrecht discovered several dangling pointer vulnerabilities,\nwhich may lead to the execution of arbitrary code.\n\nCVE-2011-0067\n\nPaul Stone discovered that Java applets could steal information\nfrom the autocompletion history.\n\nCVE-2011-0071\n\nSoroush Dalili discovered a directory traversal vulnerability in\nhandling resource URIs.\n\nAs indicated in the Lenny (oldstable) release notes, security support for\nthe Icedove packages in the oldstable needed to be stopped before the end\nof the regular Lenny security maintenance life cycle.\nYou are strongly encouraged to upgrade to stable or switch to a different\nmail client.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.0.11-1+squeeze2.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your icedove packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to icedove\nannounced via advisory DSA 2235-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"icedove\", ver:\"3.0.11-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"3.0.11-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"3.0.11-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:31", "description": "The remote host is missing an update to iceweasel\nannounced via advisory DSA 2228-1.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2228-1 (iceweasel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:69573", "href": "http://plugins.openvas.org/nasl.php?oid=69573", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2228_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2228-1 (iceweasel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been found in Iceweasel, a web browser\nbased on Firefox:\n\nCVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081\n\nScoobidiver, Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo,\nMats Palmgren, Jesse Ruderman, Aki Kelin and Martin Barbella\ndiscovered memory corruption bugs, which may lead to the execution\nof arbitrary code.\n\nCVE-2011-0065 CVE-2011-0066 CVE-2011-0073\n\nregenrecht discovered several dangling pointer vulnerabilities,\nwhich may lead to the execution of arbitrary code.\n\nCVE-2011-0067\n\nPaul Stone discovered that Java applets could steal information\nfrom the autocompletion history.\n\nCVE-2011-0071\n\nSoroush Dalili discovered a directory traversal vulnerability in\nhandling resource URIs.\n\nFor the oldstable distribution (lenny), this problem will be fixed soon\nwith updated packages of the xulrunner source package.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.5.16-7.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.19-1.\n\nWe recommend that you upgrade your iceweasel packages.\";\ntag_summary = \"The remote host is missing an update to iceweasel\nannounced via advisory DSA 2228-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202228-1\";\n\n\nif(description)\n{\n script_id(69573);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 2228-1 (iceweasel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"3.5.16-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"3.5.16-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs-dev\", ver:\"1.9.1.16-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs2d\", ver:\"1.9.1.16-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs2d-dbg\", ver:\"1.9.1.16-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"spidermonkey-bin\", ver:\"1.9.1.16-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9.1\", ver:\"1.9.1.16-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-1.9.1-dbg\", ver:\"1.9.1.16-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.1.16-8\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:27", "description": "The remote host is missing an update to iceweasel\nannounced via advisory DSA 2228-1.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2228-1 (iceweasel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231069573", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069573", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2228_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2228-1 (iceweasel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69573\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 2228-1 (iceweasel)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202228-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been found in Iceweasel, a web browser\nbased on Firefox:\n\nCVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081\n\nScoobidiver, Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo,\nMats Palmgren, Jesse Ruderman, Aki Kelin and Martin Barbella\ndiscovered memory corruption bugs, which may lead to the execution\nof arbitrary code.\n\nCVE-2011-0065 CVE-2011-0066 CVE-2011-0073\n\nregenrecht discovered several dangling pointer vulnerabilities,\nwhich may lead to the execution of arbitrary code.\n\nCVE-2011-0067\n\nPaul Stone discovered that Java applets could steal information\nfrom the autocompletion history.\n\nCVE-2011-0071\n\nSoroush Dalili discovered a directory traversal vulnerability in\nhandling resource URIs.\n\nFor the oldstable distribution (lenny), this problem will be fixed soon\nwith updated packages of the xulrunner source package.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.5.16-7.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.19-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your iceweasel packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to iceweasel\nannounced via advisory DSA 2228-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"3.5.16-8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"3.5.16-8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmozjs-dev\", ver:\"1.9.1.16-8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmozjs2d\", ver:\"1.9.1.16-8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmozjs2d-dbg\", ver:\"1.9.1.16-8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"spidermonkey-bin\", ver:\"1.9.1.16-8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xulrunner-1.9.1\", ver:\"1.9.1.16-8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xulrunner-1.9.1-dbg\", ver:\"1.9.1.16-8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.1.16-8\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:34", "description": "The remote host is missing an update to iceape\nannounced via advisory DSA 2227-1.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2227-1 (iceape)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:69570", "href": "http://plugins.openvas.org/nasl.php?oid=69570", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2227_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2227-1 (iceape)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been found in the Iceape internet suite, an\nunbranded version of Seamonkey:\n\nCVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081\n\nScoobidiver, Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo,\nMats Palmgren, Jesse Ruderman, Aki Kelin and Martin Barbella\ndiscovered memory corruption bugs, which may lead to the execution\nof arbitrary code.\n\nCVE-2011-0065 CVE-2011-0066 CVE-2011-0073\n\nregenrecht discovered several dangling pointer vulnerabilities,\nwhich may lead to the execution of arbitrary code.\n\nCVE-2011-0067\n\nPaul Stone discovered that Java applets could steal information\nfrom the autocompletion history.\n\nCVE-2011-0071\n\nSoroush Dalili discovered a directory traversal vulnerability in\nhandling resource URIs.\n\nThe oldstable distribution (lenny) is not affected. The iceape package only\nprovides the XPCOM code.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.0.11-5.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.0.14-1.\n\nWe recommend that you upgrade your iceape packages.\";\ntag_summary = \"The remote host is missing an update to iceape\nannounced via advisory DSA 2227-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202227-1\";\n\n\nif(description)\n{\n script_id(69570);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 2227-1 (iceape)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"iceape\", ver:\"2.0.11-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-browser\", ver:\"2.0.11-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-chatzilla\", ver:\"2.0.11-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dbg\", ver:\"2.0.11-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dev\", ver:\"2.0.11-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-mailnews\", ver:\"2.0.11-5\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:45", "description": "The remote host is missing an update to iceape\nannounced via advisory DSA 2227-1.", "cvss3": {}, "published": "2011-05-12T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2227-1 (iceape)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231069570", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069570", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2227_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2227-1 (iceape)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69570\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 2227-1 (iceape)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202227-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been found in the Iceape internet suite, an\nunbranded version of Seamonkey:\n\nCVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081\n\nScoobidiver, Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo,\nMats Palmgren, Jesse Ruderman, Aki Kelin and Martin Barbella\ndiscovered memory corruption bugs, which may lead to the execution\nof arbitrary code.\n\nCVE-2011-0065 CVE-2011-0066 CVE-2011-0073\n\nregenrecht discovered several dangling pointer vulnerabilities,\nwhich may lead to the execution of arbitrary code.\n\nCVE-2011-0067\n\nPaul Stone discovered that Java applets could steal information\nfrom the autocompletion history.\n\nCVE-2011-0071\n\nSoroush Dalili discovered a directory traversal vulnerability in\nhandling resource URIs.\n\nThe oldstable distribution (lenny) is not affected. The iceape package only\nprovides the XPCOM code.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.0.11-5.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.0.14-1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your iceape packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to iceape\nannounced via advisory DSA 2227-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"iceape\", ver:\"2.0.11-5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceape-browser\", ver:\"2.0.11-5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceape-chatzilla\", ver:\"2.0.11-5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceape-dbg\", ver:\"2.0.11-5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceape-dev\", ver:\"2.0.11-5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceape-mailnews\", ver:\"2.0.11-5\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:27", "description": "The remote host is missing an update to icedove\nannounced via advisory DSA 2235-1.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2235-1 (icedove)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0066", "CVE-2011-0065", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0067", "CVE-2011-0072"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:69731", "href": "http://plugins.openvas.org/nasl.php?oid=69731", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2235_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2235-1 (icedove)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in Icedove, an unbranded\nversion of the Thunderbird mail/news client.\n\nCVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081\n\nScoobidiver, Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo,\nMats Palmgren, Jesse Ruderman, Aki Kelin and Martin Barbella\ndiscovered memory corruption bugs, which may lead to the execution\nof arbitrary code.\n\nCVE-2011-0065 CVE-2011-0066 CVE-2011-0073\n\nregenrecht discovered several dangling pointer vulnerabilities,\nwhich may lead to the execution of arbitrary code.\n\nCVE-2011-0067\n\nPaul Stone discovered that Java applets could steal information\nfrom the autocompletion history.\n\nCVE-2011-0071\n\nSoroush Dalili discovered a directory traversal vulnerability in\nhandling resource URIs.\n\nAs indicated in the Lenny (oldstable) release notes, security support for\nthe Icedove packages in the oldstable needed to be stopped before the end\nof the regular Lenny security maintenance life cycle.\nYou are strongly encouraged to upgrade to stable or switch to a different\nmail client.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.0.11-1+squeeze2.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your icedove packages.\";\ntag_summary = \"The remote host is missing an update to icedove\nannounced via advisory DSA 2235-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202235-1\";\n\n\nif(description)\n{\n script_id(69731);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 2235-1 (icedove)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"3.0.11-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"3.0.11-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"3.0.11-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:03", "description": "Oracle Linux Local Security Checks ELSA-2011-0475", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0475", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0078", "CVE-2011-0070"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122184", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122184", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0475.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122184\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:14:26 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0475\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0475 - thunderbird security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0475\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0475.html\");\n script_cve_id(\"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~3.1.10~1.0.1.el6_0\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:57:57", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2012-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2011:0475-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0078", "CVE-2011-0070"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:870601", "href": "http://plugins.openvas.org/nasl.php?oid=870601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2011:0475-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the processing of malformed HTML content. An\n HTML mail message containing malicious content could possibly lead to\n arbitrary code execution with the privileges of the user running\n Thunderbird. (CVE-2011-0080, CVE-2011-0081)\n\n An arbitrary memory write flaw was found in the way Thunderbird handled\n out-of-memory conditions. If all memory was consumed when a user viewed a\n malicious HTML mail message, it could possibly lead to arbitrary code\n execution with the privileges of the user running Thunderbird.\n (CVE-2011-0078)\n\n An integer overflow flaw was found in the way Thunderbird handled the HTML\n frameset tag. An HTML mail message with a frameset tag containing large\n values for the "rows" and "cols" attributes could trigger this flaw,\n possibly leading to arbitrary code execution with the privileges of the\n user running Thunderbird. (CVE-2011-0077)\n\n A flaw was found in the way Thunderbird handled the HTML iframe tag. An\n HTML mail message with an iframe tag containing a specially-crafted source\n address could trigger this flaw, possibly leading to arbitrary code\n execution with the privileges of the user running Thunderbird.\n (CVE-2011-0075)\n\n A flaw was found in the way Thunderbird displayed multiple marquee\n elements. A malformed HTML mail message could cause Thunderbird to execute\n arbitrary code with the privileges of the user running Thunderbird.\n (CVE-2011-0074)\n\n A flaw was found in the way Thunderbird handled the nsTreeSelection\n element. Malformed content could cause Thunderbird to execute arbitrary\n code with the privileges of the user running Thunderbird. (CVE-2011-0073)\n\n A directory traversal flaw was found in the Thunderbird resource://\n protocol handler. Malicious content could cause Thunderbird to access\n arbitrary files accessible to the user running Thunderbird. (CVE-2011-0071)\n\n A double free flaw was found in the way Thunderbird handled\n "application/http-index-format" documents. A malformed HTTP response could\n cause Thunderbird to execute arbitrary code with the privileges of the user\n running Thunderbird. (CVE-2011-0070)\n\n All Thunderbird users should upgrade to this updated package, which\n resolves these issues. All running instances of Thunderbird must be\n restarted for the update to take effect.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-April/msg00029.html\");\n script_id(870601);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-06 10:32:03 +0530 (Wed, 06 Jun 2012)\");\n script_cve_id(\"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0073\", \"CVE-2011-0074\",\n \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\",\n \"CVE-2011-0081\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0475-01\");\n script_name(\"RedHat Update for thunderbird RHSA-2011:0475-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~3.1.10~1.el6_0\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~3.1.10~1.el6_0\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-06T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2011:0475-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-0071", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0081", "CVE-2011-0075", "CVE-2011-0074", "CVE-2011-0078", "CVE-2011-0070"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870601", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2011:0475-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-April/msg00029.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870601\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-06 10:32:03 +0530 (Wed, 06 Jun 2012)\");\n script_cve_id(\"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0073\", \"CVE-2011-0074\",\n \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\",\n \"CVE-2011-0081\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0475-01\");\n script_name(\"RedHat Update for thunderbird RHSA-2011:0475-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the processing of malformed HTML content. An\n HTML mail message containing malicious content could possibly lead to\n arbitrary code execution with the privileges of the user running\n Thunderbird. (CVE-2011-0080, CVE-2011-0081)\n\n An arbitrary memory write flaw was found in the way Thunderbird handled\n out-of-memory conditions. If all memory was consumed when a user viewed a\n malicious HTML mail message, it could possibly lead to arbitrary code\n execution with the privileges of the user running Thunderbird.\n (CVE-2011-0078)\n\n An integer overflow flaw was found in the way Thunderbird handled the HTML\n frameset tag. An HTML mail message with a frameset tag containing large\n values for the 'rows' and 'cols' attributes could trigger this flaw,\n possibly leading to arbitrary code execution with the privileges of the\n user running Thunderbird. (CVE-2011-0077)\n\n A flaw was found in the way Thunderbird handled the HTML iframe tag. An\n HTML mail message with an iframe tag containing a specially-crafted source\n address could trigger this flaw, possibly leading to arbitrary code\n execution with the privileges of the user running Thunderbird.\n (CVE-2011-0075)\n\n A flaw was found in the way Thunderbird displayed multiple marquee\n elements. A malformed HTML mail message could cause Thunderbird to execute\n arbitrary code with the privileges of the user running Thunderbird.\n (CVE-2011-0074)\n\n A flaw was found in the way Thunderbird handled the nsTreeSelection\n element. Malformed content could cause Thunderbird to execute arbitrary\n code with the privileges of the user running Thunderbird. (CVE-2011-0073)\n\n A directory traversal flaw was found in the Thunderbird resource://\n protocol handler. Malicious content could cause Thunderbird to access\n arbitrary files accessible to the user running Thunderbird. (CVE-2011-0071)\n\n A double free flaw was found in the way Thunderbird handled\n 'application/http-index-format' documents. A malformed HTTP response could\n cause Thunderbird to execute arbitrary code with the privileges of the user\n running Thunderbird. (CVE-2011-0070)\n\n All Thunderbird users should upgrade to this updated package, which\n resolves these issues. All running instances of Thunderbird must be\n restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~3.1.10~1.el6_0\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~3.1.10~1.el6_0\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-11T11:06:12", "description": "Check for the Version of libxslt", "cvss3": {}, "published": "2012-10-12T00:00:00", "type": "openvas", "title": "Mandriva Update for libxslt MDVSA-2012:164 (libxslt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2870"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:831746", "href": "http://plugins.openvas.org/nasl.php?oid=831746", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for libxslt MDVSA-2012:164 (libxslt)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in libxslt:\n\n Unspecified vulnerability in XSLT allows remote attackers to obtain\n potentially sensitive information about heap memory addresses via\n unknown vectors (CVE-2011-1202).\n\n libxslt 1.1.26 and earlier does not properly manage memory, which might\n allow remote attackers to cause a denial of service (application crash)\n via a crafted XSLT expression that is not properly identified during\n XPath navigation, related to (1) the xsltCompileLocationPathPattern\n function in libxslt/pattern.c and (2) the xsltGenerateIdFunction\n function in libxslt/functions.c (CVE-2012-2870).\n\n libxml2 2.9.0-rc1 and earlier does not properly support a cast of\n an unspecified variable during handling of XSL transforms, which\n allows remote attackers to cause a denial of service or possibly have\n unknown other impact via a crafted document, related to the _xmlNs\n data structure in include/libxml/tree.h (CVE-2012-2871).\n\n Double free vulnerability in libxslt allows remote attackers to cause\n a denial of service or possibly have unspecified other impact via\n vectors related to XSL transforms (CVE-2012-2893).\n\n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"libxslt on Mandriva Linux 2011.0,\n Mandriva Enterprise Server 5.2\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:164\");\n script_id(831746);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-12 09:21:18 +0530 (Fri, 12 Oct 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2012-2870\", \"CVE-2012-2871\", \"CVE-2012-2893\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:164\");\n script_name(\"Mandriva Update for libxslt MDVSA-2012:164 (libxslt)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt1\", rpm:\"libxslt1~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libxslt\", rpm:\"python-libxslt~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xsltproc\", rpm:\"xsltproc~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xslt1\", rpm:\"lib64xslt1~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xslt-devel\", rpm:\"lib64xslt-devel~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt1\", rpm:\"libxslt1~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-proc\", rpm:\"libxslt-proc~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libxslt\", rpm:\"python-libxslt~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xslt1\", rpm:\"lib64xslt1~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xslt-devel\", rpm:\"lib64xslt-devel~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:39", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-10-12T00:00:00", "type": "openvas", "title": "Mandriva Update for libxslt MDVSA-2012:164 (libxslt)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2870"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831746", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831746", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for libxslt MDVSA-2012:164 (libxslt)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:164\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831746\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-12 09:21:18 +0530 (Fri, 12 Oct 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2012-2870\", \"CVE-2012-2871\", \"CVE-2012-2893\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:164\");\n script_name(\"Mandriva Update for libxslt MDVSA-2012:164 (libxslt)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2011\\.0|mes5\\.2)\");\n script_tag(name:\"affected\", value:\"libxslt on Mandriva Linux 2011.0,\n Mandriva Enterprise Server 5.2\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been discovered and corrected in libxslt:\n\n Unspecified vulnerability in XSLT allows remote attackers to obtain\n potentially sensitive information about heap memory addresses via\n unknown vectors (CVE-2011-1202).\n\n libxslt 1.1.26 and earlier does not properly manage memory, which might\n allow remote attackers to cause a denial of service (application crash)\n via a crafted XSLT expression that is not properly identified during\n XPath navigation, related to (1) the xsltCompileLocationPathPattern\n function in libxslt/pattern.c and (2) the xsltGenerateIdFunction\n function in libxslt/functions.c (CVE-2012-2870).\n\n libxml2 2.9.0-rc1 and earlier does not properly support a cast of\n an unspecified variable during handling of XSL transforms, which\n allows remote attackers to cause a denial of service or possibly have\n unknown other impact via a crafted document, related to the _xmlNs\n data structure in include/libxml/tree.h (CVE-2012-2871).\n\n Double free vulnerability in libxslt allows remote attackers to cause\n a denial of service or possibly have unspecified other impact via\n vectors related to XSL transforms (CVE-2012-2893).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt1\", rpm:\"libxslt1~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libxslt\", rpm:\"python-libxslt~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xsltproc\", rpm:\"xsltproc~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xslt1\", rpm:\"lib64xslt1~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xslt-devel\", rpm:\"lib64xslt-devel~1.1.26~4.3\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt1\", rpm:\"libxslt1~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-proc\", rpm:\"libxslt-proc~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libxslt\", rpm:\"python-libxslt~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xslt1\", rpm:\"lib64xslt1~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64xslt-devel\", rpm:\"lib64xslt-devel~1.1.24~3.3mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:58:17", "description": "Check for the Version of libxslt", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for libxslt RHSA-2012:1265-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:870826", "href": "http://plugins.openvas.org/nasl.php?oid=870826", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libxslt RHSA-2012:1265-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n\n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n\n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n\n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. All running\n applications linked against libxslt must be restarted for this update to\n take effect.\";\n\ntag_affected = \"libxslt on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00020.html\");\n script_id(870826);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:40:43 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\",\n \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1265-01\");\n script_name(\"RedHat Update for libxslt RHSA-2012:1265-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-03T10:58:21", "description": "Check for the Version of libxslt", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for libxslt CESA-2012:1265 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:881494", "href": "http://plugins.openvas.org/nasl.php?oid=881494", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libxslt CESA-2012:1265 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n \n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n \n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n \n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. All running\n applications linked against libxslt must be restarted for this update to\n take effect.\";\n\ntag_affected = \"libxslt on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018873.html\");\n script_id(881494);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:45:53 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\",\n \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1265\");\n script_name(\"CentOS Update for libxslt CESA-2012:1265 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for libxslt CESA-2012:1265 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881494", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881494", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libxslt CESA-2012:1265 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018873.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881494\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:45:53 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\",\n \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1265\");\n script_name(\"CentOS Update for libxslt CESA-2012:1265 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"libxslt on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n\n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n\n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n\n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. All running\n applications linked against libxslt must be restarted for this update to\n take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.26~2.el6_3.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:56:30", "description": "Check for the Version of libxslt", "cvss3": {}, "published": "2012-09-27T00:00:00", "type": "openvas", "title": "Fedora Update for libxslt FEDORA-2012-14083", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:864750", "href": "http://plugins.openvas.org/nasl.php?oid=864750", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libxslt FEDORA-2012-14083\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libxslt on Fedora 17\";\ntag_insight = \"This C library allows to transform XML files into other XML files\n (or HTML, text, ...) using the standard XSLT stylesheet transformation\n mechanism. To use it you need to have a version of libxml2 >= 2.6.27\n installed. The xsltproc command is a command line interface to the XSLT engine\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088273.html\");\n script_id(864750);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-27 09:05:40 +0530 (Thu, 27 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2871\",\n \"CVE-2012-2870\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-14083\");\n script_name(\"Fedora Update for libxslt FEDORA-2012-14083\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~10.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Fedora Update for libxslt FEDORA-2012-14048", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864756", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864756", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libxslt FEDORA-2012-14048\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088344.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864756\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:18:51 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2871\",\n \"CVE-2012-2870\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-14048\");\n script_name(\"Fedora Update for libxslt FEDORA-2012-14048\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"libxslt on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:24", "description": "Oracle Linux Local Security Checks ELSA-2012-1265", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1265", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123820", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123820", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1265.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123820\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:08:59 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1265\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1265 - libxslt security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1265\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1265.html\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.0.1.el5_8.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.0.1.el5_8.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.0.1.el5_8.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.0.2.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.0.2.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.26~2.0.2.el6_3.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-06T13:07:32", "description": "Check for the Version of libxslt", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for libxslt CESA-2012:1265 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:881491", "href": "http://plugins.openvas.org/nasl.php?oid=881491", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libxslt CESA-2012:1265 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n \n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n \n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n \n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. All running\n applications linked against libxslt must be restarted for this update to\n take effect.\";\n\ntag_affected = \"libxslt on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-September/018871.html\");\n script_id(881491);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:44:21 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:1265\");\n script_name(\"CentOS Update for libxslt CESA-2012:1265 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "CentOS Update for libxslt CESA-2012:1265 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881491", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881491", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for libxslt CESA-2012:1265 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-September/018871.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881491\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:44:21 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1265\");\n script_name(\"CentOS Update for libxslt CESA-2012:1265 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"libxslt on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n\n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n\n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n\n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. All running\n applications linked against libxslt must be restarted for this update to\n take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.el5_8.3\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-03T10:57:00", "description": "Check for the Version of libxslt", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Fedora Update for libxslt FEDORA-2012-14048", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:864756", "href": "http://plugins.openvas.org/nasl.php?oid=864756", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libxslt FEDORA-2012-14048\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libxslt on Fedora 16\";\ntag_insight = \"This C library allows to transform XML files into other XML files\n (or HTML, text, ...) using the standard XSLT stylesheet transformation\n mechanism. To use it you need to have a version of libxml2 >= 2.6.27\n installed. The xsltproc command is a command line interface to the XSLT engine\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088344.html\");\n script_id(864756);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:18:51 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2871\",\n \"CVE-2012-2870\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2012-14048\");\n script_name(\"Fedora Update for libxslt FEDORA-2012-14048\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of libxslt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:03:49", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-123)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120479", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120479", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120479\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:27:23 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-123)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in libxslt. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update libxslt to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-123.html\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2871\", \"CVE-2012-2870\", \"CVE-2012-2825\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.26~2.7.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.7.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.7.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.26~2.7.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-27T00:00:00", "type": "openvas", "title": "Fedora Update for libxslt FEDORA-2012-14083", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864750", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864750", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libxslt FEDORA-2012-14083\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088273.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864750\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-27 09:05:40 +0530 (Thu, 27 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2871\",\n \"CVE-2012-2870\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2012-14083\");\n script_name(\"Fedora Update for libxslt FEDORA-2012-14083\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"libxslt on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~10.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-09-17T00:00:00", "type": "openvas", "title": "RedHat Update for libxslt RHSA-2012:1265-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870826", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870826", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for libxslt RHSA-2012:1265-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-September/msg00020.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870826\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-17 16:40:43 +0530 (Mon, 17 Sep 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\",\n \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1265-01\");\n script_name(\"RedHat Update for libxslt RHSA-2012:1265-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"libxslt on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"libxslt is a library for transforming XML files into other textual formats\n (including HTML, plain text, and other XML representations of the\n underlying data) using the standard XSLT stylesheet transformation\n mechanism.\n\n A heap-based buffer overflow flaw was found in the way libxslt applied\n templates to nodes selected by certain namespaces. An attacker could use\n this flaw to create a malicious XSL file that, when used by an application\n linked against libxslt to perform an XSL transformation, could cause the\n application to crash or, possibly, execute arbitrary code with the\n privileges of the user running the application. (CVE-2012-2871)\n\n Several denial of service flaws were found in libxslt. An attacker could\n use these flaws to create a malicious XSL file that, when used by an\n application linked against libxslt to perform an XSL transformation, could\n cause the application to crash. (CVE-2012-2825, CVE-2012-2870,\n CVE-2011-3970)\n\n An information leak could occur if an application using libxslt processed\n an untrusted XPath expression, or used a malicious XSL file to perform an\n XSL transformation. If combined with other flaws, this leak could possibly\n help an attacker bypass intended memory corruption protections.\n (CVE-2011-1202)\n\n All libxslt users are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues. All running\n applications linked against libxslt must be restarted for this update to\n take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.26~2.el6_3.1\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-debuginfo\", rpm:\"libxslt-debuginfo~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.17~4.el5_8.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:54", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1123-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for xulrunner-1.9.1 USN-1123-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2010-3778", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0053", "CVE-2011-0066", "CVE-2011-0056", "CVE-2010-3776", "CVE-2011-0065", "CVE-2011-0062", "CVE-2011-0075", "CVE-2011-0074", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0058", "CVE-2011-0067", "CVE-2011-0055", "CVE-2011-0072"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840642", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840642", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1123_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for xulrunner-1.9.1 USN-1123-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1123-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840642\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1123-1\");\n script_cve_id(\"CVE-2010-3776\", \"CVE-2010-3778\", \"CVE-2011-0053\", \"CVE-2011-0062\", \"CVE-2011-0051\", \"CVE-2011-0055\", \"CVE-2011-0054\", \"CVE-2011-0056\", \"CVE-2011-0057\", \"CVE-2011-0058\", \"CVE-2010-1585\", \"CVE-2011-0059\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0071\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for xulrunner-1.9.1 USN-1123-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU9\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1123-1\");\n script_tag(name:\"affected\", value:\"xulrunner-1.9.1 on Ubuntu 9.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A large number of security issues were discovered in the Gecko rendering\n engine. If a user were tricked into viewing a malicious website, a remote\n attacker could exploit a variety of issues related to web browser security,\n including cross-site scripting attacks, denial of service attacks, and\n arbitrary code execution.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.1\", ver:\"1.9.1.19+build2+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:33", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1123-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for xulrunner-1.9.1 USN-1123-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2010-3778", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0053", "CVE-2011-0066", "CVE-2011-0056", "CVE-2010-3776", "CVE-2011-0065", "CVE-2011-0062", "CVE-2011-0075", "CVE-2011-0074", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0058", "CVE-2011-0067", "CVE-2011-0055", "CVE-2011-0072"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840642", "href": "http://plugins.openvas.org/nasl.php?oid=840642", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1123_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for xulrunner-1.9.1 USN-1123-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A large number of security issues were discovered in the Gecko rendering\n engine. If a user were tricked into viewing a malicious website, a remote\n attacker could exploit a variety of issues related to web browser security,\n including cross-site scripting attacks, denial of service attacks, and\n arbitrary code execution.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1123-1\";\ntag_affected = \"xulrunner-1.9.1 on Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1123-1/\");\n script_id(840642);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1123-1\");\n script_cve_id(\"CVE-2010-3776\", \"CVE-2010-3778\", \"CVE-2011-0053\", \"CVE-2011-0062\", \"CVE-2011-0051\", \"CVE-2011-0055\", \"CVE-2011-0054\", \"CVE-2011-0056\", \"CVE-2011-0057\", \"CVE-2011-0058\", \"CVE-2010-1585\", \"CVE-2011-0059\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0080\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0072\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0073\", \"CVE-2011-0067\", \"CVE-2011-0071\", \"CVE-2011-1202\");\n script_name(\"Ubuntu Update for xulrunner-1.9.1 USN-1123-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.1\", ver:\"1.9.1.19+build2+nobinonly-0ubuntu0.9.10.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:19", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1595-1", "cvss3": {}, "published": "2012-10-05T00:00:00", "type": "openvas", "title": "Ubuntu Update for libxslt USN-1595-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841174", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841174", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1595_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for libxslt USN-1595-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1595-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841174\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-05 09:44:04 +0530 (Fri, 05 Oct 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\", \"CVE-2012-2893\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1595-1\");\n script_name(\"Ubuntu Update for libxslt USN-1595-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|12\\.04 LTS|11\\.10|11\\.04|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1595-1\");\n script_tag(name:\"affected\", value:\"libxslt on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS,\n Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Chris Evans discovered that libxslt incorrectly handled generate-id XPath\n functions. If a user or automated system were tricked into processing a\n specially crafted XSLT document, a remote attacker could obtain potentially\n sensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu\n 10.04 LTS and Ubuntu 11.04. (CVE-2011-1202)\n\n It was discovered that libxslt incorrectly parsed certain patterns. If a\n user or automated system were tricked into processing a specially crafted\n XSLT document, a remote attacker could cause libxslt to crash, causing a\n denial of service. (CVE-2011-3970)\n\n Nicholas Gregoire discovered that libxslt incorrectly handled unexpected\n DTD nodes. If a user or automated system were tricked into processing a\n specially crafted XSLT document, a remote attacker could cause libxslt to\n crash, causing a denial of service. (CVE-2012-2825)\n\n Nicholas Gregoire discovered that libxslt incorrectly managed memory. If a\n user or automated system were tricked into processing a specially crafted\n XSLT document, a remote attacker could cause libxslt to crash, causing a\n denial of service. (CVE-2012-2870)\n\n Nicholas Gregoire discovered that libxslt incorrectly handled certain\n transforms. If a user or automated system were tricked into processing a\n specially crafted XSLT document, a remote attacker could cause libxslt to\n crash, causing a denial of service, or possibly execute arbitrary code.\n (CVE-2012-2871)\n\n Cris Neckar discovered that libxslt incorrectly managed memory. If a user\n or automated system were tricked into processing a specially crafted XSLT\n document, a remote attacker could cause libxslt to crash, causing a denial\n of service, or possibly execute arbitrary code. (CVE-2012-2893)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.26-1ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.26-8ubuntu1.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.26-7ubuntu0.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.26-6ubuntu0.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.22-1ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:20:53", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1595-1", "cvss3": {}, "published": "2012-10-05T00:00:00", "type": "openvas", "title": "Ubuntu Update for libxslt USN-1595-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2893", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-2870"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841174", "href": "http://plugins.openvas.org/nasl.php?oid=841174", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1595_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for libxslt USN-1595-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Chris Evans discovered that libxslt incorrectly handled generate-id XPath\n functions. If a user or automated system were tricked into processing a\n specially crafted XSLT document, a remote attacker could obtain potentially\n sensitive information. This issue only affected Ubuntu 8.04 LTS, Ubuntu\n 10.04 LTS and Ubuntu 11.04. (CVE-2011-1202)\n\n It was discovered that libxslt incorrectly parsed certain patterns. If a\n user or automated system were tricked into processing a specially crafted\n XSLT document, a remote attacker could cause libxslt to crash, causing a\n denial of service. (CVE-2011-3970)\n \n Nicholas Gregoire discovered that libxslt incorrectly handled unexpected\n DTD nodes. If a user or automated system were tricked into processing a\n specially crafted XSLT document, a remote attacker could cause libxslt to\n crash, causing a denial of service. (CVE-2012-2825)\n \n Nicholas Gregoire discovered that libxslt incorrectly managed memory. If a\n user or automated system were tricked into processing a specially crafted\n XSLT document, a remote attacker could cause libxslt to crash, causing a\n denial of service. (CVE-2012-2870)\n \n Nicholas Gregoire discovered that libxslt incorrectly handled certain\n transforms. If a user or automated system were tricked into processing a\n specially crafted XSLT document, a remote attacker could cause libxslt to\n crash, causing a denial of service, or possibly execute arbitrary code.\n (CVE-2012-2871)\n \n Cris Neckar discovered that libxslt incorrectly managed memory. If a user\n or automated system were tricked into processing a specially crafted XSLT\n document, a remote attacker could cause libxslt to crash, causing a denial\n of service, or possibly execute arbitrary code. (CVE-2012-2893)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1595-1\";\ntag_affected = \"libxslt on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1595-1/\");\n script_id(841174);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-05 09:44:04 +0530 (Fri, 05 Oct 2012)\");\n script_cve_id(\"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\", \"CVE-2012-2893\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1595-1\");\n script_name(\"Ubuntu Update for libxslt USN-1595-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.26-1ubuntu1.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.26-8ubuntu1.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.26-7ubuntu0.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.26-6ubuntu0.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.22-1ubuntu1.3\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-12-19T16:07:28", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2013-0001.", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "openvas", "title": "VMware ESXi/ESX security updates for the authentication service and third party libraries (VMSA-2013-0001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-4244", "CVE-2012-2870", "CVE-2011-3102", "CVE-2012-2807", "CVE-2013-1405"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310103655", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103655", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103655\");\n script_cve_id(\"CVE-2013-1405\", \"CVE-2011-3102\", \"CVE-2012-2807\", \"CVE-2012-4244\", \"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"2019-12-18T11:13:08+0000\");\n script_name(\"VMware ESXi/ESX security updates for the authentication service and third party libraries (VMSA-2013-0001)\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 11:13:08 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 11:02:01 +0100 (Mon, 04 Feb 2013)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n\n script_tag(name:\"summary\", value:\"The remote ESXi is missing one or more security related Updates from VMSA-2013-0001.\");\n\n script_tag(name:\"affected\", value:\"ESXi 4.1 without patch ESXi410-201301401-SG\n\n ESXi 4.0 without patches ESXi400-201302401-SG and ESXi400-201302403-SG\n\n ESX 4.1 without patches ESX410-201301401-SG, ESX410-201301402-SG, ESX410-201301403-SG and ESX410-201301405-SG\");\n\n script_tag(name:\"insight\", value:\"a. VMware vSphere client-side authentication memory corruption vulnerability\n\n VMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the\n handling of the management authentication protocol. To exploit this\n vulnerability, an attacker must convince either vCenter Server,\n vSphere Client or ESX to interact with a malicious server as a\n client. Exploitation of the issue may lead to code execution on the client\n system.\n\n To reduce the likelihood of exploitation, vSphere components should be\n deployed on an isolated management network.\n\n b. Update to ESX/ESXi libxml2 userworld and service console\n\n The ESX/ESXi userworld libxml2 library has been updated to resolve\n multiple security issues. Also, the ESX service console libxml2\n packages are updated to the following versions:\n\n libxml2-2.6.26-2.1.15.el5_8.5\n\n libxml2-python-2.6.26-2.1.15.el5_8.5\n\n c. Update to ESX service console bind packages\n\n The ESX service console bind packages are updated to the following versions:\n\n bind-libs-9.3.6-20.P1.el5_8.2\n\n bind-utils-9.3.6-20.P1.el5_8.2\n\n d. Update to ESX service console libxslt package\n\n The ESX service console libxslt package is updated to version\n libxslt-1.1.17-4.el5_8.3 to resolve multiple security issues.\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if the target host is missing one or more patch(es).\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2013-0001.html\");\n\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item(\"VMware/ESXi/LSC\"))\n exit(0);\n\nif(!esxVersion = get_kb_item(\"VMware/ESX/version\"))\n exit(0);\n\npatches = make_array(\"4.1.0\", \"ESXi410-201301401-SG\",\n \"4.0.0\", \"ESXi400-201302403-SG\");\n\nif(!patches[esxVersion])\n exit(99);\n\nif(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:11:20", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2013-0001.\n\nSummary\nVMware vSphere security updates for for the authentication service and third party libraries\n\nRelevant releases\nvCenter Server 4.1 without Update 3a\nvSphere Client 4.1 without Update 3a\nESXi 4.1 without patch ESXi410-201301401-SG\nESXi 4.0 without patches ESXi400-201302401-SG and ESXi400-201302403-SG \nESX 4.1 without patches ESX410-201301401-SG, ESX410-201301402-SG, ESX410-201301403-SG and ESX410-201301405-SG\n\nProblem Description\n\na. VMware vSphere client-side authentication memory corruption vulnerability\nVMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the\nhandling of the management authentication protocol. To exploit this\nvulnerability, an attacker must convince either vCenter Server,\nvSphere Client or ESX to interact with a malicious server as a \nclient. Exploitation of the issue may lead to code execution on the client\nsystem.\n\nTo reduce the likelihood of exploitation, vSphere components should be\ndeployed on an isolated management network. \n\nb. Update to ESX/ESXi libxml2 userworld and service console\n\nThe ESX/ESXi userworld libxml2 library has been updated to resolve\nmultiple security issues. Also, the ESX service console libxml2\npackages are updated to the following versions:\n\nlibxml2-2.6.26-2.1.15.el5_8.5\nlibxml2-python-2.6.26-2.1.15.el5_8.5 \n\nc. Update to ESX service console bind packages\n\nThe ESX service console bind packages are updated to the following versions:\n\nbind-libs-9.3.6-20.P1.el5_8.2\nbind-utils-9.3.6-20.P1.el5_8.2 \n\nd. Update to ESX service console libxslt package\nThe ESX service console libxslt package is updated to version\nlibxslt-1.1.17-4.el5_8.3 to resolve multiple security issues. \n\nSolution\nApply the missing patch(es).", "cvss3": {}, "published": "2013-02-04T00:00:00", "type": "openvas", "title": "VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2012-2871", "CVE-2012-2825", "CVE-2011-3970", "CVE-2012-4244", "CVE-2012-2870", "CVE-2011-3102", "CVE-2012-2807", "CVE-2013-1405"], "modified": "2017-05-11T00:00:00", "id": "OPENVAS:103655", "href": "http://plugins.openvas.org/nasl.php?oid=103655", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2013-0001.nasl 6104 2017-05-11 09:03:48Z teissa $\n#\n# VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_summary = \"The remote ESXi is missing one or more security related Updates from VMSA-2013-0001.\n\nSummary\nVMware vSphere security updates for for the authentication service and third party libraries\n\nRelevant releases\nvCenter Server 4.1 without Update 3a\nvSphere Client 4.1 without Update 3a\nESXi 4.1 without patch ESXi410-201301401-SG\nESXi 4.0 without patches ESXi400-201302401-SG and ESXi400-201302403-SG \nESX 4.1 without patches ESX410-201301401-SG, ESX410-201301402-SG, ESX410-201301403-SG and ESX410-201301405-SG\n\nProblem Description\n\na. VMware vSphere client-side authentication memory corruption vulnerability\nVMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the\nhandling of the management authentication protocol. To exploit this\nvulnerability, an attacker must convince either vCenter Server,\nvSphere Client or ESX to interact with a malicious server as a \nclient. Exploitation of the issue may lead to code execution on the client\nsystem.\n\nTo reduce the likelihood of exploitation, vSphere components should be\ndeployed on an isolated management network. \n\nb. Update to ESX/ESXi libxml2 userworld and service console\n\nThe ESX/ESXi userworld libxml2 library has been updated to resolve\nmultiple security issues. Also, the ESX service console libxml2\npackages are updated to the following versions:\n\nlibxml2-2.6.26-2.1.15.el5_8.5\nlibxml2-python-2.6.26-2.1.15.el5_8.5 \n\nc. Update to ESX service console bind packages\n\nThe ESX service console bind packages are updated to the following versions:\n\nbind-libs-9.3.6-20.P1.el5_8.2\nbind-utils-9.3.6-20.P1.el5_8.2 \n\nd. Update to ESX service console libxslt package\nThe ESX service console libxslt package is updated to version\nlibxslt-1.1.17-4.el5_8.3 to resolve multiple security issues. \n\nSolution\nApply the missing patch(es).\";\n\n\nif (description)\n{\n script_id(103655);\n script_cve_id(\"CVE-2013-1405\", \"CVE-2011-3102\", \"CVE-2012-2807\", \"CVE-2012-4244\", \"CVE-2011-1202\", \"CVE-2011-3970\", \"CVE-2012-2825\", \"CVE-2012-2870\", \"CVE-2012-2871\");\n\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version (\"$Revision: 6104 $\");\n script_name(\"VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries\");\n\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-11 11:03:48 +0200 (Thu, 11 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-04 11:02:01 +0100 (Mon, 04 Feb 2013)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\",\"VMware/ESX/version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://www.vmware.com/security/advisories/VMSA-2013-0001.html\");\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"4.1.0\",\"ESXi410-201301401-SG\",\n \"4.0.0\",\"ESXi400-201302403-SG\");\n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-05T11:22:29", "description": "The host is running Google Chrome and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2011-03-16T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities - March 11(Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2011-1197", "CVE-2011-1286", "CVE-2011-1204", "CVE-2011-1194", "CVE-2011-1199", "CVE-2011-1195", "CVE-2011-1191", "CVE-2011-1201", "CVE-2011-1203", "CVE-2011-1190", "CVE-2011-1196", "CVE-2011-1285", "CVE-2011-1185", "CVE-2011-1198", "CVE-2011-1189", "CVE-2011-1187", "CVE-2011-1193", "CVE-2011-1188", "CVE-2011-1200"], "modified": "2017-09-04T00:00:00", "id": "OPENVAS:801763", "href": "http://plugins.openvas.org/nasl.php?oid=801763", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_dos_vuln_mar11_win.nasl 7052 2017-09-04 11:50:51Z teissa $\n#\n# Google Chrome Multiple Denial of Service Vulnerabilities - March 11(Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to cause denial-of-service.\n Impact Level: Application\";\ntag_affected = \"Google Chrome version prior to 10.0.648.127 on Windows\";\ntag_insight = \"The flaws are due to\n - Not preventing 'navigation' and 'close' operations on the top location of a\n sandboxed frame.\n - Cross-origin error message leak.\n - Error in performing 'box layout'.\n - Memory corruption error in 'counter nodes'.\n - Error in 'Web Workers' implementation which allows remote attackers to\n bypass the Same Origin Policy via unspecified vectors, related to an error\n message leak.\n - Use-after-free vulnerability in 'DOM URL' handling.\n - Error in 'Google V8', which allows remote attackers to bypass the Same\n Origin Policy via unspecified vectors.\n - Use-after-free vulnerability in document script lifetime handling.\n - Error in performing 'table painting'.\n - Error in 'OGG' container implementation.\n - Use of corrupt out-of-bounds structure in video code.\n - Error in handling DataView objects.\n - Bad cast in text rendering.\n - Error in context implementation in WebKit.\n - Unspecified vulnerability in the 'XSLT' implementation.\n - Not properly handling 'SVG' cursors.\n - 'DOM' tree corruption with attribute handling.\n - Corruption via re-entrancy of RegExp code.\";\ntag_solution = \"Upgrade to the Google Chrome 10.0.648.127 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"The host is running Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(801763);\n script_version(\"$Revision: 7052 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-09-04 13:50:51 +0200 (Mon, 04 Sep 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-16 15:16:52 +0100 (Wed, 16 Mar 2011)\");\n script_cve_id(\"CVE-2011-1185\", \"CVE-2011-1187\", \"CVE-2011-1188\", \"CVE-2011-1189\",\n \"CVE-2011-1190\", \"CVE-2011-1191\", \"CVE-2011-1193\", \"CVE-2011-1194\",\n \"CVE-2011-1195\", \"CVE-2011-1196\", \"CVE-2011-1197\", \"CVE-2011-1198\",\n \"CVE-2011-1199\", \"CVE-2011-1200\", \"CVE-2011-1201\", \"CVE-2011-1202\",\n \"CVE-2011-1203\", \"CVE-2011-1204\", \"CVE-2011-1285\", \"CVE-2011-1286\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Google Chrome Multiple Vulnerabilities - March 11(Windows)\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_google_chrome_detect_win.nasl\");\n script_require_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 10.0.648.127.\nif(version_is_less(version:chromeVer, test_version:\"10.0.648.127\")){\n security_message(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-27T19:22:24", "description": "The host is running Google Chrome and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2011-03-16T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities - March 11(Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1202", "CVE-2011-1197", "CVE-2011-1286", "CVE-2011-1204", "CVE-2011-1194", "CVE-2011-1199", "CVE-2011-1195", "CVE-2011-1191", "CVE-2011-1201", "CVE-2011-1203", "CVE-2011-1190", "CVE-2011-1196", "CVE-2011-1285", "CVE-2011-1185", "CVE-2011-1198", "CVE-2011-1189", "CVE-2011-1187", "CVE-2011-1193", "CVE-2011-1188", "CVE-2011-1200"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310801763", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801763", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Denial of Service Vulnerabilities - March 11(Windows)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801763\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-03-16 15:16:52 +0100 (Wed, 16 Mar 2011)\");\n script_cve_id(\"CVE-2011-1185\", \"CVE-2011-1187\", \"CVE-2011-1188\", \"CVE-2011-1189\",\n \"CVE-2011-1190\", \"CVE-2011-1191\", \"CVE-2011-1193\", \"CVE-2011-1194\",\n \"CVE-2011-1195\", \"CVE-2011-1196\", \"CVE-2011-1197\", \"CVE-2011-1198\",\n \"CVE-2011-1199\", \"CVE-2011-1200\", \"CVE-2011-1201\", \"CVE-2011-1202\",\n \"CVE-2011-1203\", \"CVE-2011-1204\", \"CVE-2011-1285\", \"CVE-2011-1286\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Google Chrome Multiple Vulnerabilities - March 11(Windows)\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html\");\n\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_google_chrome_detect_portable_win.nasl\");\n script_mandatory_keys(\"GoogleChrome/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to cause denial-of-service.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 10.0.648.127 on Windows\");\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - Not preventing 'navigation' and 'close' operations on the top location of a\n sandboxed frame.\n\n - Cross-origin error message leak.\n\n - Error in performing 'box layout'.\n\n - Memory corruption error in 'counter nodes'.\n\n - Error in 'Web Workers' implementation which allows remote attackers to\n bypass the Same Origin Policy via unspecified vectors, related to an error\n message leak.\n\n - Use-after-free vulnerability in 'DOM URL' handling.\n\n - Error in 'Google V8', which allows remote attackers to bypass the Same\n Origin Policy via unspecified vectors.\n\n - Use-after-free vulnerability in document script lifetime handling.\n\n - Error in performing 'table painting'.\n\n - Error in 'OGG' container implementation.\n\n - Use of corrupt out-of-bounds structure in video code.\n\n - Error in handling DataView objects.\n\n - Bad cast in text rendering.\n\n - Error in context implementation in WebKit.\n\n - Unspecified vulnerability in the 'XSLT' implementation.\n\n - Not properly handling 'SVG' cursors.\n\n - 'DOM' tree corruption with attribute handling.\n\n - Corruption via re-entrancy of RegExp code.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 10.0.648.127 or later.\");\n script_tag(name:\"summary\", value:\"The host is running Google Chrome and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"GoogleChrome/Win/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"10.0.648.127\")){\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"10.0.648.127\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-09-04T14:19:51", "description": "The host is running Google Chrome and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2011-03-16T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities - March 11(Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1413", "CVE-2011-1202", "CVE-2011-1186", "CVE-2011-1192", "CVE-2011-1197", "CVE-2011-1286", "CVE-2011-1204", "CVE-2011-1194", "CVE-2011-1199", "CVE-2011-1195", "CVE-2011-1191", "CVE-2011-1201", "CVE-2011-1203", "CVE-2011-1190", "CVE-2011-1196", "CVE-2011-1285", "CVE-2011-1185", "CVE-2011-1198", "CVE-2011-1189", "CVE-2011-1187", "CVE-2011-1193", "CVE-2011-1188", "CVE-2011-1200"], "modified": "2017-08-25T00:00:00", "id": "OPENVAS:801762", "href": "http://plugins.openvas.org/nasl.php?oid=801762", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_google_chrome_mult_dos_vuln_mar11_lin.nasl 7006 2017-08-25 11:51:20Z teissa $\n#\n# Google Chrome Multiple Denial of Service Vulnerabilities - March 11(Linux)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to cause denial-of-service.\n Impact Level: Application\";\ntag_affected = \"Google Chrome version prior to 10.0.648.127 on Linux.\";\ntag_insight = \"The flaws are due to\n - Not preventing 'navigation' and 'close' operations on the top location of a\n sandboxed frame.\n - Error in handling parallel execution of calls to the 'print' method.\n - Cross-origin error message leak.\n - Error in performing 'box layout'.\n - Memory corruption error in 'counter nodes'.\n - Error in 'Web Workers' implementation allows which remote attackers to\n bypass the Same Origin Policy via unspecified vectors, related to an error\n message leak.\n - Use-after-free vulnerability in 'DOM URL' handling.\n - Out of bounds read handling unicode ranges.\n - Error in 'Google V8', allows remote attackers to bypass the Same Origin\n Policy via unspecified vectors.\n - Use-after-free vulnerability in document script lifetime handling.\n - Error in performing 'table painting'.\n - Error in 'OGG' container implementation.\n - Use of corrupt out-of-bounds structure in video code.\n - Error in handling DataView objects.\n - Bad cast in text rendering.\n - Error in context implementation in WebKit.\n - Unspecified vulnerability in the 'XSLT' implementation.\n - Not properly handling 'SVG' cursors.\n - 'DOM' tree corruption with attribute handling.\n - Corruption via re-entrancy of RegExp code.\n - Not properly mitigate an unspecified flaw in an X server.\";\ntag_solution = \"Upgrade to the Google Chrome 10.0.648.127 or later,\n For updates refer to http://www.google.com/chrome\";\ntag_summary = \"The host is running Google Chrome and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(801762);\n script_version(\"$Revision: 7006 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-25 13:51:20 +0200 (Fri, 25 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-16 15:16:52 +0100 (Wed, 16 Mar 2011)\");\n script_cve_id(\"CVE-2011-1185\", \"CVE-2011-1186\", \"CVE-2011-1187\", \"CVE-2011-1188\",\n \"CVE-2011-1189\", \"CVE-2011-1190\", \"CVE-2011-1191\", \"CVE-2011-1192\",\n \"CVE-2011-1193\", \"CVE-2011-1194\", \"CVE-2011-1195\", \"CVE-2011-1196\",\n \"CVE-2011-1197\", \"CVE-2011-1198\", \"CVE-2011-1199\", \"CVE-2011-1200\",\n \"CVE-2011-1201\", \"CVE-2011-1202\", \"CVE-2011-1203\", \"CVE-2011-1204\",\n \"CVE-2011-1285\", \"CVE-2011-1286\", \"CVE-2011-1413\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Google Chrome Multiple Vulnerabilities - March 11(Linux)\");\n script_xref(name : \"URL\" , value : \"http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html\");\n\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_require_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Get the version from KB\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\n## Check for Google Chrome Version less than 10.0.648.127.\nif(version_is_less(version:chromeVer, test_version:\"10.0.648.127\")){\n security_message(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-27T19:22:58", "description": "The host is running Google Chrome and is prone to multiple\n vulnerabilities.", "cvss3": {}, "published": "2011-03-16T00:00:00", "type": "openvas", "title": "Google Chrome Multiple Vulnerabilities - March 11(Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1413", "CVE-2011-1202", "CVE-2011-1186", "CVE-2011-1192", "CVE-2011-1197", "CVE-2011-1286", "CVE-2011-1204", "CVE-2011-1194", "CVE-2011-1199", "CVE-2011-1195", "CVE-2011-1191", "CVE-2011-1201", "CVE-2011-1203", "CVE-2011-1190", "CVE-2011-1196", "CVE-2011-1285", "CVE-2011-1185", "CVE-2011-1198", "CVE-2011-1189", "CVE-2011-1187", "CVE-2011-1193", "CVE-2011-1188", "CVE-2011-1200"], "modified": "2020-04-23T00:00:00", "id": "OPENVAS:1361412562310801762", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801762", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Google Chrome Multiple Denial of Service Vulnerabilities - March 11(Linux)\n#\n# Authors:\n# Madhuri D <dmadhuri@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801762\");\n script_version(\"2020-04-23T08:43:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 08:43:39 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-03-16 15:16:52 +0100 (Wed, 16 Mar 2011)\");\n script_cve_id(\"CVE-2011-1185\", \"CVE-2011-1186\", \"CVE-2011-1187\", \"CVE-2011-1188\",\n \"CVE-2011-1189\", \"CVE-2011-1190\", \"CVE-2011-1191\", \"CVE-2011-1192\",\n \"CVE-2011-1193\", \"CVE-2011-1194\", \"CVE-2011-1195\", \"CVE-2011-1196\",\n \"CVE-2011-1197\", \"CVE-2011-1198\", \"CVE-2011-1199\", \"CVE-2011-1200\",\n \"CVE-2011-1201\", \"CVE-2011-1202\", \"CVE-2011-1203\", \"CVE-2011-1204\",\n \"CVE-2011-1285\", \"CVE-2011-1286\", \"CVE-2011-1413\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Google Chrome Multiple Vulnerabilities - March 11(Linux)\");\n script_xref(name:\"URL\", value:\"http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html\");\n\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_google_chrome_detect_lin.nasl\");\n script_mandatory_keys(\"Google-Chrome/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to cause denial-of-service.\");\n script_tag(name:\"affected\", value:\"Google Chrome version prior to 10.0.648.127 on Linux.\");\n script_tag(name:\"insight\", value:\"The flaws are due to\n\n - Not preventing 'navigation' and 'close' operations on the top location of a\n sandboxed frame.\n\n - Error in handling parallel execution of calls to the 'print' method.\n\n - Cross-origin error message leak.\n\n - Error in performing 'box layout'.\n\n - Memory corruption error in 'counter nodes'.\n\n - Error in 'Web Workers' implementation allows which remote attackers to\n bypass the Same Origin Policy via unspecified vectors, related to an error\n message leak.\n\n - Use-after-free vulnerability in 'DOM URL' handling.\n\n - Out of bounds read handling unicode ranges.\n\n - Error in 'Google V8', allows remote attackers to bypass the Same Origin\n Policy via unspecified vectors.\n\n - Use-after-free vulnerability in document script lifetime handling.\n\n - Error in performing 'table painting'.\n\n - Error in 'OGG' container implementation.\n\n - Use of corrupt out-of-bounds structure in video code.\n\n - Error in handling DataView objects.\n\n - Bad cast in text rendering.\n\n - Error in context implementation in WebKit.\n\n - Unspecified vulnerability in the 'XSLT' implementation.\n\n - Not properly handling 'SVG' cursors.\n\n - 'DOM' tree corruption with attribute handling.\n\n - Corruption via re-entrancy of RegExp code.\n\n - Not properly mitigate an unspecified flaw in an X server.\");\n script_tag(name:\"solution\", value:\"Upgrade to the Google Chrome 10.0.648.127 or later.\");\n script_tag(name:\"summary\", value:\"The host is running Google Chrome and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nchromeVer = get_kb_item(\"Google-Chrome/Linux/Ver\");\nif(!chromeVer){\n exit(0);\n}\n\nif(version_is_less(version:chromeVer, test_version:\"10.0.648.127\")){\n report = report_fixed_ver(installed_version:chromeVer, fixed_version:\"10.0.648.127\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:06", "description": "Gentoo Linux Local Security Checks GLSA 201301-01", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201301-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2009-0355", "CVE-2011-0061", "CVE-2011-0077", "CVE-2012-0478", "CVE-2012-4193", "CVE-2011-1202", "CVE-2012-0442", "CVE-2010-3772", "CVE-2011-0071", "CVE-2009-2470", "CVE-2010-0654", "CVE-2009-3388", "CVE-2012-1962", "CVE-2012-0443", "CVE-2011-3866", "CVE-2011-0068", "CVE-2012-5842", "CVE-2012-4212", "CVE-2009-2477", "CVE-2009-1563", "CVE-2010-0176", "CVE-2011-3640", "CVE-2011-0083", "CVE-2010-1203", "CVE-2009-3076", "CVE-2012-1970", "CVE-2009-3389", "CVE-2008-3835", "CVE-2012-3989", "CVE-2010-2762", "CVE-2012-5830", "CVE-2012-4210", "CVE-2009-1305", "CVE-2011-3026", "CVE-2009-3979", "CVE-2011-2370", "CVE-2012-0460", "CVE-2012-1973", "CVE-2009-3376", "CVE-2011-2369", "CVE-2011-2998", "CVE-2011-3654", "CVE-2011-2605", "CVE-2009-1833", "CVE-2010-0165", "CVE-2012-1974", "CVE-2010-0220", "CVE-2010-2766", "CVE-2011-2993", "CVE-2012-4195", "CVE-2010-0168", "CVE-2012-3986", "CVE-2010-0160", "CVE-2009-1169", "CVE-2011-2371", "CVE-2009-3379", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2012-5354", "CVE-2012-4206", "CVE-2009-3071", "CVE-2012-3968", "CVE-2010-1214", "CVE-2012-3963", "CVE-2010-0174", "CVE-2010-0172", "CVE-2009-2535", "CVE-2012-0452", "CVE-2009-1312", "CVE-2012-1956", "CVE-2012-3978", "CVE-2012-3985", "CVE-2011-2995", "CVE-2012-5829", "CVE-2009-1571", "CVE-2008-5505", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2009-2210", "CVE-2009-2478", "CVE-2008-6961", "CVE-2012-0479", "CVE-2012-0450", "CVE-2012-1940", "CVE-2012-3993", "CVE-2008-5500", "CVE-2012-5836", "CVE-2009-3274", "CVE-2010-1125", "CVE-2009-0772", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2010-3131", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2012-3976", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2010-0170", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2007-2436", "CVE-2012-3962", "CVE-2010-2770", "CVE-2010-3774", "CVE-2012-0459", "CVE-2011-2362", "CVE-2009-1304", "CVE-2010-1213", "CVE-2010-3177", "CVE-2012-5843", "CVE-2009-1835", "CVE-2011-0085", "CVE-2009-0352", "CVE-2009-3984", "CVE-2009-3380", "CVE-2008-5510", "CVE-2011-0080", "CVE-2012-1950", "CVE-2008-5502", "CVE-2009-3981", "CVE-2010-3765", "CVE-2010-0167", "CVE-2009-3373", "CVE-2009-3980", "CVE-2008-4070", "CVE-2012-4183", "CVE-2010-3178", "CVE-2012-1994", "CVE-2011-3661", "CVE-2009-3383", "CVE-2012-4181", "CVE-2011-3652", "CVE-2009-1311", "CVE-2011-1712", "CVE-2008-4067", "CVE-2010-1210", "CVE-2011-2364", "CVE-2009-2469", "CVE-2011-0073", "CVE-2010-1197", "CVE-2010-1207", "CVE-2009-0652", "CVE-2012-4186", "CVE-2012-1948", "CVE-2008-5012", "CVE-2011-2982", "CVE-2012-1938", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2009-1838", "CVE-2012-1953", "CVE-2008-5013", "CVE-2012-1949", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3773", "CVE-2009-1309", "CVE-2011-0079", "CVE-2010-3169", "CVE-2009-2662", "CVE-2012-3970", "CVE-2011-2997", "CVE-2011-0053", "CVE-2009-1832", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2012-1966", "CVE-2010-3768", "CVE-2009-3372", "CVE-2010-2763", "CVE-2011-0066", "CVE-2010-1212", "CVE-2009-1837", "CVE-2010-1206", "CVE-2010-1211", "CVE-2009-2464", "CVE-2011-2990", "CVE-2010-1121", "CVE-2009-0356", "CVE-2011-3389", "CVE-2010-0164", "CVE-2008-3836", "CVE-2010-3167", "CVE-2012-4202", "CVE-2007-2671", "CVE-2011-2984", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2009-3986", "CVE-2012-1941", "CVE-2009-2408", "CVE-2010-3399", "CVE-2009-2665", "CVE-2008-4066", "CVE-2008-5018", "CVE-2009-3978", "CVE-2012-3984", "CVE-2009-0354", "CVE-2009-3079", "CVE-2011-0056", "CVE-2012-0444", "CVE-2011-3650", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2010-1215", "CVE-2012-4182", "CVE-2011-2980", "CVE-2012-4187", "CVE-2008-4069", "CVE-2010-0166", "CVE-2011-3647", "CVE-2011-0065", "CVE-2011-0062", "CVE-2008-0016", "CVE-2009-0358", "CVE-2011-3101", "CVE-2010-3168", "CVE-2010-0173", "CVE-2009-1044", "CVE-2008-5513", "CVE-2008-4059", "CVE-2010-2764", "CVE-2011-0081", "CVE-2009-0771", "CVE-2009-1392", "CVE-2008-5504", "CVE-2008-5019", "CVE-2012-1954", "CVE-2009-0774", "CVE-2009-3375", "CVE-2012-0461", "CVE-2011-2376", "CVE-2009-2472", "CVE-2012-3958", "CVE-2009-0071", "CVE-2008-5023", "CVE-2012-0469", "CVE-2010-3171", "CVE-2009-3072", "CVE-2012-3973", "CVE-2008-5822", "CVE-2012-1975", "CVE-2011-0075", "CVE-2012-0464", "CVE-2012-1967", "CVE-2011-3653", "CVE-2010-0648", "CVE-2010-0178", "CVE-2010-3166", "CVE-2010-0177", "CVE-2011-0074", "CVE-2012-3956", "CVE-2010-2769", "CVE-2011-3649", "CVE-2012-3982", "CVE-2009-3555", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-3837", "CVE-2009-0357", "CVE-2008-5021", "CVE-2008-5017", "CVE-2012-3966", "CVE-2012-5839", "CVE-2011-2378", "CVE-2009-1308", "CVE-2010-3775", "CVE-2009-2467", "CVE-2012-1961", "CVE-2010-5074", "CVE-2011-2996", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2012-3967", "CVE-2011-3651", "CVE-2008-4060", "CVE-2010-0181", "CVE-2012-1951", "CVE-2012-0475", "CVE-2012-3965", "CVE-2012-1952", "CVE-2010-1201", "CVE-2011-4688", "CVE-2009-1306", "CVE-2010-1585", "CVE-2009-2479", "CVE-2012-3959", "CVE-2012-0455", "CVE-2009-0777", "CVE-2010-2755", "CVE-2011-0084", "CVE-2011-0051", "CVE-2010-3767", "CVE-2012-1939", "CVE-2009-1834", "CVE-2010-3771", "CVE-2010-0183", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2008-0367", "CVE-2008-4058", "CVE-2011-3002", "CVE-2012-4184", "CVE-2011-0057", "CVE-2012-0447", "CVE-2011-3232", "CVE-2008-5913", "CVE-2007-3073", "CVE-2012-4205", "CVE-2010-2751", "CVE-2009-1836", "CVE-2011-0069", "CVE-2008-5022", "CVE-2008-5512", "CVE-2012-3992", "CVE-2009-3374", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2011-3004", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2009-1839", "CVE-2012-1960", "CVE-2012-0445", "CVE-2009-3074", "CVE-2012-1965", "CVE-2011-3670", "CVE-2012-0462", "CVE-2010-1028", "CVE-2010-0162", "CVE-2011-2377", "CVE-2009-2463", "CVE-2009-2061", "CVE-2009-3070", "CVE-2012-3977", "CVE-2011-3000", "CVE-2010-2765", "CVE-2009-3069", "CVE-2010-0171", "CVE-2010-2767", "CVE-2009-0353", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2009-0775", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2009-2044", "CVE-2010-3182", "CVE-2009-0776", "CVE-2009-3371", "CVE-2009-3377", "CVE-2012-1959", "CVE-2011-2363", "CVE-2009-3075", "CVE-2010-0163", "CVE-2010-1208", "CVE-2011-0070", "CVE-2012-1947", "CVE-2009-1841", "CVE-2010-3170", "CVE-2011-3005", "CVE-2011-0059", "CVE-2012-1971", "CVE-2009-3983", "CVE-2012-4208", "CVE-2009-3987", "CVE-2011-3658", "CVE-2011-2373", "CVE-2008-5511", "CVE-2012-1957", "CVE-2012-1958", "CVE-2011-0054", "CVE-2012-4190", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2010-3183", "CVE-2009-2654", "CVE-2010-1202", "CVE-2012-0468", "CVE-2009-3982", "CVE-2009-3985", "CVE-2009-2065", "CVE-2009-1313", "CVE-2009-3382", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2010-3770", "CVE-2008-4061", "CVE-2010-1199", "CVE-2012-4204", "CVE-2008-0017", "CVE-2009-3988", "CVE-2010-3400", "CVE-2009-1302", "CVE-2011-2985", "CVE-2009-2466", "CVE-2012-4192", "CVE-2011-0058", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2008-5024", "CVE-2011-0076", "CVE-2007-2437", "CVE-2012-5833", "CVE-2011-2999", "CVE-2012-3964", "CVE-2012-5841", "CVE-2010-0179", "CVE-2010-1209", "CVE-2010-2754", "CVE-2008-5507", "CVE-2009-2471", "CVE-2012-3990", "CVE-2011-2375", "CVE-2010-1198", "CVE-2008-4065", "CVE-2009-1840", "CVE-2011-3665", "CVE-2009-3381", "CVE-2011-0067", "CVE-2010-2760", "CVE-2012-1937", "CVE-2012-4215", "CVE-2009-2043", "CVE-2009-1307", "CVE-2009-2664", "CVE-2012-0463", "CVE-2010-4508", "CVE-2009-1310", "CVE-2009-3077", "CVE-2011-3003", "CVE-2011-2991", "CVE-2008-5015", "CVE-2011-0082", "CVE-2011-2983", "CVE-2012-4179", "CVE-2008-4582", "CVE-2011-3001", "CVE-2012-1964", "CVE-2009-2462", "CVE-2009-3378", "CVE-2011-3062", "CVE-2009-1303", "CVE-2012-0477", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2009-2404", "CVE-2009-2465", "CVE-2012-0467", "CVE-2011-2981", "CVE-2012-0458", "CVE-2010-0169", "CVE-2010-2752", "CVE-2009-3078", "CVE-2012-0471", "CVE-2012-3961", "CVE-2010-3766", "CVE-2012-3971", "CVE-2008-5052", "CVE-2011-0055", "CVE-2009-1828", "CVE-2011-0072"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121000", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121000", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201301-01.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121000\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:25:19 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201301-01\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201301-01\");\n script_cve_id(\"CVE-2011-3101\", \"CVE-2007-2436\", \"CVE-2007-2437\", \"CVE-2007-2671\", \"CVE-2007-3073\", \"CVE-2008-0016\", \"CVE-2008-0017\", \"CVE-2008-0367\", \"CVE-2008-3835\", \"CVE-2008-3836\", \"CVE-2008-3837\", \"CVE-2008-4058\", \"CVE-2008-4059\", \"CVE-2008-4060\", \"CVE-2008-4061\", \"CVE-2008-4062\", \"CVE-2008-4063\", \"CVE-2008-4064\", \"CVE-2008-4065\", \"CVE-2008-4066\", \"CVE-2008-4067\", \"CVE-2008-4068\", \"CVE-2008-4069\", \"CVE-2008-4070\", \"CVE-2008-4582\", \"CVE-2008-5012\", \"CVE-2008-5013\", \"CVE-2008-5014\", \"CVE-2008-5015\", \"CVE-2008-5016\", \"CVE-2008-5017\", \"CVE-2008-5018\", \"CVE-2008-5019\", \"CVE-2008-5021\", \"CVE-2008-5022\", \"CVE-2008-5023\", \"CVE-2008-5024\", \"CVE-2008-5052\", \"CVE-2008-5500\", \"CVE-2008-5501\", \"CVE-2008-5502\", \"CVE-2008-5503\", \"CVE-2008-5504\", \"CVE-2008-5505\", \"CVE-2008-5506\", \"CVE-2008-5507\", \"CVE-2008-5508\", \"CVE-2008-5510\", \"CVE-2008-5511\", \"CVE-2008-5512\", \"CVE-2008-5513\", \"CVE-2008-5822\", \"CVE-2008-5913\", \"CVE-2008-6961\", \"CVE-2009-0071\", \"CVE-2009-0352\", \"CVE-2009-0353\", \"CVE-2009-0354\", \"CVE-2009-0355\", \"CVE-2009-0356\", \"CVE-2009-0357\", \"CVE-2009-0358\", \"CVE-2009-0652\", \"CVE-2009-0771\", \"CVE-2009-0772\", \"CVE-2009-0773\", \"CVE-2009-0774\", \"CVE-2009-0775\", \"CVE-2009-0776\", \"CVE-2009-0777\", \"CVE-2009-1044\", \"CVE-2009-1169\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1304\", \"CVE-2009-1305\", \"CVE-2009-1306\", \"CVE-2009-1307\", \"CVE-2009-1308\", \"CVE-2009-1309\", \"CVE-2009-1310\", \"CVE-2009-1311\", \"CVE-2009-1312\", \"CVE-2009-1313\", \"CVE-2009-1392\", \"CVE-2009-1563\", \"CVE-2009-1571\", \"CVE-2009-1828\", \"CVE-2009-1832\", \"CVE-2009-1833\", \"CVE-2009-1834\", \"CVE-2009-1835\", \"CVE-2009-1836\", \"CVE-2009-1837\", \"CVE-2009-1838\", \"CVE-2009-1839\", \"CVE-2009-1840\", \"CVE-2009-1841\", \"CVE-2009-2043\", \"CVE-2009-2044\", \"CVE-2009-2061\", \"CVE-2009-2065\", \"CVE-2009-2210\", \"CVE-2009-2404\", \"CVE-2009-2408\", \"CVE-2009-2462\", \"CVE-2009-2463\", \"CVE-2009-2464\", \"CVE-2009-2465\", \"CVE-2009-2466\", \"CVE-2009-2467\", \"CVE-2009-2469\", \"CVE-2009-2470\", \"CVE-2009-2471\", \"CVE-2009-2472\", \"CVE-2009-2477\", \"CVE-2009-2478\", \"CVE-2009-2479\", \"CVE-2009-2535\", \"CVE-2009-2654\", \"CVE-2009-2662\", \"CVE-2009-2664\", \"CVE-2009-2665\", \"CVE-2009-3069\", \"CVE-2009-3070\", \"CVE-2009-3071\", \"CVE-2009-3072\", \"CVE-2009-3074\", \"CVE-2009-3075\", \"CVE-2009-3076\", \"CVE-2009-3077\", \"CVE-2009-3078\", \"CVE-2009-3079\", \"CVE-2009-3274\", \"CVE-2009-3371\", \"CVE-2009-3372\", \"CVE-2009-3373\", \"CVE-2009-3374\", \"CVE-2009-3375\", \"CVE-2009-3376\", \"CVE-2009-3377\", \"CVE-2009-3378\", \"CVE-2009-3379\", \"CVE-2009-3380\", \"CVE-2009-3381\", \"CVE-2009-3382\", \"CVE-2009-3383\", \"CVE-2009-3388\", \"CVE-2009-3389\", \"CVE-2009-3555\", \"CVE-2009-3978\", \"CVE-2009-3979\", \"CVE-2009-3980\", \"CVE-2009-3981\", \"CVE-2009-3982\", \"CVE-2009-3983\", \"CVE-2009-3984\", \"CVE-2009-3985\", \"CVE-2009-3986\", \"CVE-2009-3987\", \"CVE-2009-3988\", \"CVE-2010-0159\", \"CVE-2010-0160\", \"CVE-2010-0162\", \"CVE-2010-0163\", \"CVE-2010-0164\", \"CVE-2010-0165\", \"CVE-2010-0166\", \"CVE-2010-0167\", \"CVE-2010-0168\", \"CVE-2010-0169\", \"CVE-2010-0170\", \"CVE-2010-0171\", \"CVE-2010-0172\", \"CVE-2010-0173\", \"CVE-2010-0174\", \"CVE-2010-0175\", \"CVE-2010-0176\", \"CVE-2010-0177\", \"CVE-2010-0178\", \"CVE-2010-0179\", \"CVE-2010-0181\", \"CVE-2010-0182\", \"CVE-2010-0183\", \"CVE-2010-0220\", \"CVE-2010-0648\", \"CVE-2010-0654\", \"CVE-2010-1028\", \"CVE-2010-1121\", \"CVE-2010-1125\", \"CVE-2010-1196\", \"CVE-2010-1197\", \"CVE-2010-1198\", \"CVE-2010-1199\", \"CVE-2010-1200\", \"CVE-2010-1201\", \"CVE-2010-1202\", \"CVE-2010-1203\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-1585\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\", \"CVE-2010-2755\", \"CVE-2010-2760\", \"CVE-2010-2762\", \"CVE-2010-2763\", \"CVE-2010-2764\", \"CVE-2010-2765\", \"CVE-2010-2766\", \"CVE-2010-2767\", \"CVE-2010-2768\", \"CVE-2010-2769\", \"CVE-2010-2770\", \"CVE-2010-3131\", \"CVE-2010-3166\", \"CVE-2010-3167\", \"CVE-2010-3168\", \"CVE-2010-3169\", \"CVE-2010-3170\", \"CVE-2010-3171\", \"CVE-2010-3173\", \"CVE-2010-3174\", \"CVE-2010-3175\", \"CVE-2010-3176\", \"CVE-2010-3177\", \"CVE-2010-3178\", \"CVE-2010-3179\", \"CVE-2010-3180\", \"CVE-2010-3182\", \"CVE-2010-3183\", \"CVE-2010-3399\", \"CVE-2010-3400\", \"CVE-2010-3765\", \"CVE-2010-3766\", \"CVE-2010-3767\", \"CVE-2010-3768\", \"CVE-2010-3769\", \"CVE-2010-3770\", \"CVE-2010-3771\", \"CVE-2010-3772\", \"CVE-2010-3773\", \"CVE-2010-3774\", \"CVE-2010-3775\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-3778\", \"CVE-2010-4508\", \"CVE-2010-5074\", \"CVE-2011-0051\", \"CVE-2011-0053\", \"CVE-2011-0054\", \"CVE-2011-0055\", \"CVE-2011-0056\", \"CVE-2011-0057\", \"CVE-2011-0058\", \"CVE-2011-0059\", \"CVE-2011-0061\", \"CVE-2011-0062\", \"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0068\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0071\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0076\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0079\", \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-0082\", \"CVE-2011-0083\", \"CVE-2011-0084\", \"CVE-2011-0085\", \"CVE-2011-1187\", \"CVE-2011-1202\", \"CVE-2011-1712\", \"CVE-2011-2362\", \"CVE-2011-2363\", \"CVE-2011-2364\", \"CVE-2011-2365\", \"CVE-2011-2369\", \"CVE-2011-2370\", \"CVE-2011-2371\", \"CVE-2011-2372\", \"CVE-2011-2373\", \"CVE-2011-2374\", \"CVE-2011-2375\", \"CVE-2011-2376\", \"CVE-2011-2377\", \"CVE-2011-2378\", \"CVE-2011-2605\", \"CVE-2011-2980\", \"CVE-2011-2981\", \"CVE-2011-2982\", \"CVE-2011-2983\", \"CVE-2011-2984\", \"CVE-2011-2985\", \"CVE-2011-2986\", \"CVE-2011-2987\", \"CVE-2011-2988\", \"CVE-2011-2989\", \"CVE-2011-2990\", \"CVE-2011-2991\", \"CVE-2011-2993\", \"CVE-2011-2995\", \"CVE-2011-2996\", \"CVE-2011-2997\", \"CVE-2011-2998\", \"CVE-2011-2999\", \"CVE-2011-3000\", \"CVE-2011-3001\", \"CVE-2011-3002\", \"CVE-2011-3003\", \"CVE-2011-3004\", \"CVE-2011-3005\", \"CVE-2011-3026\", \"CVE-2011-3062\", \"CVE-2011-3232\", \"CVE-2011-3389\", \"CVE-2011-3640\", \"CVE-2011-3647\", \"CVE-2011-3648\", \"CVE-2011-3649\", \"CVE-2011-3650\", \"CVE-2011-3651\", \"CVE-2011-3652\", \"CVE-2011-3653\", \"CVE-2011-3654\", \"CVE-2011-3655\", \"CVE-2011-3658\", \"CVE-2011-3659\", \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2011-3665\", \"CVE-2011-3670\", \"CVE-2011-3866\", \"CVE-2011-4688\", \"CVE-2012-0441\", \"CVE-2012-0442\", \"CVE-2012-0443\", \"CVE-2012-0444\", \"CVE-2012-0445\", \"CVE-2012-0446\", \"CVE-2012-0447\", \"CVE-2012-0449\", \"CVE-2012-0450\", \"CVE-2012-0451\", \"CVE-2012-0452\", \"CVE-2012-0455\", \"CVE-2012-0456\", \"CVE-2012-0457\", \"CVE-2012-0458\", \"CVE-2012-0459\", \"CVE-2012-0460\", \"CVE-2012-0461\", \"CVE-2012-0462\", \"CVE-2012-0463\", \"CVE-2012-0464\", \"CVE-2012-0467\", \"CVE-2012-0468\", \"CVE-2012-0469\", \"CVE-2012-0470\", \"CVE-2012-0471\", \"CVE-2012-0473\", \"CVE-2012-0474\", \"CVE-2012-0475\", \"CVE-2012-0477\", \"CVE-2012-0478\", \"CVE-2012-0479\", \"CVE-2012-1937\", \"CVE-2012-1938\", \"CVE-2012-1939\", \"CVE-2012-1940\", \"CVE-2012-1941\", \"CVE-2012-1945\", \"CVE-2012-1946\", \"CVE-2012-1947\", \"CVE-2012-1948\", \"CVE-2012-1949\", \"CVE-2012-1950\", \"CVE-2012-1951\", \"CVE-2012-1952\", \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1956\", \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1960\", \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1964\", \"CVE-2012-1965\", \"CVE-2012-1966\", \"CVE-2012-1967\", \"CVE-2012-1970\", \"CVE-2012-1971\", \"CVE-2012-1972\", \"CVE-2012-1973\", \"CVE-2012-1974\", \"CVE-2012-1975\", \"CVE-2012-1976\", \"CVE-2012-1994\", \"CVE-2012-3956\", \"CVE-2012-3957\", \"CVE-2012-3958\", \"CVE-2012-3959\", \"CVE-2012-3960\", \"CVE-2012-3961\", \"CVE-2012-3962\", \"CVE-2012-3963\", \"CVE-2012-3964\", \"CVE-2012-3965\", \"CVE-2012-3966\", \"CVE-2012-3967\", \"CVE-2012-3968\", \"CVE-2012-3969\", \"CVE-2012-3970\", \"CVE-2012-3971\", \"CVE-2012-3972\", \"CVE-2012-3973\", \"CVE-2012-3975\", \"CVE-2012-3976\", \"CVE-2012-3977\", \"CVE-2012-3978\", \"CVE-2012-3980\", \"CVE-2012-3982\", \"CVE-2012-3984\", \"CVE-2012-3985\", \"CVE-2012-3986\", \"CVE-2012-3988\", \"CVE-2012-3989\", \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\", \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\", \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\", \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\", \"CVE-2012-4190\", \"CVE-2012-4191\", \"CVE-2012-4192\", \"CVE-2012-4193\", \"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\", \"CVE-2012-4201\", \"CVE-2012-4202\", \"CVE-2012-4204\", \"CVE-2012-4205\", \"CVE-2012-4206\", \"CVE-2012-4207\", \"CVE-2012-4208\", \"CVE-2012-4209\", \"CVE-2012-4210\", \"CVE-2012-4212\", \"CVE-2012-4215\", \"CVE-2012-4216\", \"CVE-2012-5354\", \"CVE-2012-5829\", \"CVE-2012-5830\", \"CVE-2012-5833\", \"CVE-2012-5835\", \"CVE-2012-5836\", \"CVE-2012-5838\", \"CVE-2012-5839\", \"CVE-2012-5840\", \"CVE-2012-5841\", \"CVE-2012-5842\", \"CVE-2012-5843\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201301-01\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/firefox\", unaffected: make_list(\"ge 10.0.11\"), vulnerable: make_list(\"lt 10.0.11\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-client/firefox-bin\", unaffected: make_list(\"ge 10.0.11\"), vulnerable: make_list(\"lt 10.0.11\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"mail-client/thunderbird\", unaffected: make_list(\"ge 10.0.11\"), vulnerable: make_list(\"lt 10.0.11\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"mail-client/thunderbird-bin\", unaffected: make_list(\"ge 10.0.11\"), vulnerable: make_list(\"lt 10.0.11\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-client/seamonkey\", unaffected: make_list(\"ge 2.14-r1\"), vulnerable: make_list(\"lt 2.14-r1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-client/seamonkey-bin\", unaffected: make_list(\"ge 2.14\"), vulnerable: make_list(\"lt 2.14\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-libs/nss\", unaffected: make_list(\"ge 3.14\"), vulnerable: make_list(\"lt 3.14\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-client/mozilla-firefox\", unaffected: make_list(), vulnerable: make_list(\"lt 3.6.8\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-client/mozilla-firefox-bin\", unaffected: make_list(), vulnerable: make_list(\"lt 3.5.6\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"mail-client/mozilla-thunderbird\", unaffected: make_list(), vulnerable: make_list(\"lt 3.0.4-r1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"mail-client/mozilla-thunderbird-bin\", unaffected: make_list(), vulnerable: make_list(\"lt 3.0\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-client/icecat\", unaffected: make_list(), vulnerable: make_list(\"lt 10.0-r1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"net-libs/xulrunner\", unaffected: make_list(), vulnerable: make_list(\"lt 2.0-r1\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"net-libs/xulrunner-bin\", unaffected: make_list(), vulnerable: make_list(\"lt 1.8.1.19\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:39:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-09-10T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for Firefox (openSUSE-SU-2014:1100-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2014-1505", "CVE-2014-1536", "CVE-2011-0061", "CVE-2011-0077", "CVE-2014-1513", "CVE-2012-0478", "CVE-2012-4193", "CVE-2012-0442", "CVE-2013-5601", "CVE-2013-1687", "CVE-2013-5612", "CVE-2013-1692", "CVE-2010-0654", "CVE-2012-1962", "CVE-2013-0743", "CVE-2012-0443", "CVE-2012-5842", "CVE-2012-4212", "CVE-2013-5595", "CVE-2010-0176", "CVE-2014-1530", "CVE-2011-0083", "CVE-2010-1203", "CVE-2013-1737", "CVE-2012-4214", "CVE-2008-1236", "CVE-2013-5611", "CVE-2012-1970", "CVE-2008-3835", "CVE-2013-1709", "CVE-2007-3738", "CVE-2012-3989", "CVE-2013-5616", "CVE-2013-1678", "CVE-2010-2762", "CVE-2012-5830", "CVE-2013-0763", "CVE-2014-1510", "CVE-2011-3026", "CVE-2012-0460", "CVE-2013-5613", "CVE-2012-1973", "CVE-2014-1522", "CVE-2011-3654", "CVE-2014-1567", "CVE-2012-1974", "CVE-2010-2766", "CVE-2012-4195", "CVE-2012-3986", "CVE-2013-0783", "CVE-2007-3734", "CVE-2011-2371", "CVE-2014-1481", "CVE-2013-1670", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2013-1719", "CVE-2012-3968", "CVE-2013-1725", "CVE-2012-3963", "CVE-2014-1539", "CVE-2010-0174", "CVE-2012-0452", "CVE-2013-1735", "CVE-2012-1956", "CVE-2014-1487", "CVE-2012-3978", "CVE-2012-3985", "CVE-2013-0746", "CVE-2012-5829", "CVE-2009-1571", "CVE-2012-1944", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2014-1538", "CVE-2012-4213", "CVE-2013-1685", "CVE-2012-0479", "CVE-2013-5609", "CVE-2007-3737", "CVE-2013-0766", "CVE-2007-3736", "CVE-2012-1940", "CVE-2013-1697", "CVE-2014-1484", "CVE-2014-1525", "CVE-2012-3993", "CVE-2013-5619", "CVE-2012-5837", "CVE-2008-5500", "CVE-2012-5836", "CVE-2014-1509", "CVE-2009-0772", "CVE-2013-0787", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2014-1494", "CVE-2014-1559", "CVE-2013-0747", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2014-1537", "CVE-2013-1694", "CVE-2014-1523", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2013-5615", "CVE-2013-1680", "CVE-2012-3962", "CVE-2012-0459", "CVE-2011-2362", "CVE-2014-1529", "CVE-2013-1724", "CVE-2010-1213", "CVE-2013-5597", "CVE-2012-5843", "CVE-2014-1543", "CVE-2014-1486", "CVE-2011-0085", "CVE-2013-5590", "CVE-2008-5510", "CVE-2011-0080", "CVE-2013-0780", "CVE-2008-5502", "CVE-2010-3765", "CVE-2013-1732", "CVE-2013-0744", "CVE-2013-0795", "CVE-2008-1237", "CVE-2013-1720", "CVE-2008-4070", "CVE-2013-0748", "CVE-2012-4183", "CVE-2010-3178", "CVE-2013-1679", "CVE-2007-3285", "CVE-2013-5610", "CVE-2013-0768", "CVE-2011-3661", "CVE-2012-4181", "CVE-2014-1532", "CVE-2013-6671", "CVE-2009-0040", "CVE-2011-3652", "CVE-2013-0755", "CVE-2008-4067", "CVE-2014-1548", "CVE-2011-2364", "CVE-2014-1531", "CVE-2013-0752", "CVE-2012-4186", "CVE-2014-1508", "CVE-2012-1948", "CVE-2008-5012", "CVE-2012-1938", "CVE-2013-0796", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2014-1502", "CVE-2013-1723", "CVE-2013-0782", "CVE-2012-1953", "CVE-2012-1949", "CVE-2014-1542", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3169", "CVE-2012-3970", "CVE-2011-0053", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2010-3768", "CVE-2014-1477", "CVE-2013-0800", "CVE-2010-1212", "CVE-2013-1681", "CVE-2010-1211", "CVE-2010-1121", "CVE-2013-0773", "CVE-2013-0754", "CVE-2010-3167", "CVE-2012-4202", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2014-1540", "CVE-2014-1534", "CVE-2012-1941", "CVE-2013-1738", "CVE-2014-1482", "CVE-2014-1479", "CVE-2008-4066", "CVE-2008-5018", "CVE-2012-3984", "CVE-2014-1504", "CVE-2012-0444", "CVE-2011-3650", "CVE-2014-1511", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2012-4182", "CVE-2008-1233", "CVE-2012-4187", "CVE-2012-3983", "CVE-2011-0062", "CVE-2008-0016", "CVE-2011-3101", "CVE-2010-3168", "CVE-2013-0788", "CVE-2013-1728", "CVE-2014-1545", "CVE-2010-0173", "CVE-2012-0472", "CVE-2013-5592", "CVE-2013-1730", "CVE-2008-4059", "CVE-2010-2764", "CVE-2014-1492", "CVE-2011-0081", "CVE-2009-0771", "CVE-2007-3670", "CVE-2012-1954", "CVE-2009-0774", "CVE-2014-1556", "CVE-2012-0461", "CVE-2011-2376", "CVE-2012-3958", "CVE-2012-0469", "CVE-2014-1563", "CVE-2014-1524", "CVE-2014-1512", "CVE-2012-1975", "CVE-2011-0075", "CVE-2013-1690", "CVE-2012-0464", "CVE-2013-0775", "CVE-2012-1967", "CVE-2013-5604", "CVE-2014-1514", "CVE-2010-3166", "CVE-2011-0074", "CVE-2013-0801", "CVE-2012-3956", "CVE-2010-2769", "CVE-2012-3982", "CVE-2009-3555", "CVE-2013-1714", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-5021", "CVE-2008-5017", "CVE-2013-0769", "CVE-2012-3966", "CVE-2013-0771", "CVE-2014-1490", "CVE-2012-5839", "CVE-2013-0757", "CVE-2014-1498", "CVE-2012-1961", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2014-1565", "CVE-2012-3967", "CVE-2013-0749", "CVE-2011-3651", "CVE-2008-4060", "CVE-2007-3656", "CVE-2008-1234", "CVE-2012-1951", "CVE-2012-0475", "CVE-2014-1555", "CVE-2014-1564", "CVE-2012-1952", "CVE-2010-1201", "CVE-2013-0761", "CVE-2013-1669", "CVE-2010-1585", "CVE-2012-3959", "CVE-2012-0455", "CVE-2014-1558", "CVE-2011-0084", "CVE-2012-0759", "CVE-2007-3089", "CVE-2014-1519", "CVE-2013-1701", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2013-1684", "CVE-2008-4058", "CVE-2012-4184", "CVE-2012-0447", "CVE-2014-1547", "CVE-2011-3232", "CVE-2012-4205", "CVE-2014-1480", "CVE-2014-1500", "CVE-2011-0069", "CVE-2013-6630", "CVE-2008-5022", "CVE-2008-5512", "CVE-2014-1497", "CVE-2013-5596", "CVE-2012-3992", "CVE-2008-1235", "CVE-2013-1676", "CVE-2013-0789", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2013-1675", "CVE-2014-1478", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-0445", "CVE-2012-0462", "CVE-2012-4217", "CVE-2013-1686", "CVE-2013-0745", "CVE-2013-0756", "CVE-2012-4218", "CVE-2013-0760", "CVE-2011-2377", "CVE-2014-1485", "CVE-2014-1493", "CVE-2007-3735", "CVE-2011-3000", "CVE-2010-2765", "CVE-2014-1544", "CVE-2010-2767", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2013-0767", "CVE-2010-3182", "CVE-2009-0776", "CVE-2013-5603", "CVE-2012-1959", "CVE-2011-2363", "CVE-2011-0070", "CVE-2013-1682", "CVE-2012-1947", "CVE-2013-6673", "CVE-2013-1674", "CVE-2013-0762", "CVE-2014-1562", "CVE-2010-3170", "CVE-2011-3005", "CVE-2012-4208", "CVE-2011-3658", "CVE-2014-1541", "CVE-2011-2373", "CVE-2008-5511", "CVE-2011-2992", "CVE-2014-1488", "CVE-2012-1957", "CVE-2012-1958", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2014-1552", "CVE-2010-3183", "CVE-2010-1202", "CVE-2012-0468", "CVE-2013-5599", "CVE-2014-1553", "CVE-2014-1549", "CVE-2013-1713", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2008-4061", "CVE-2013-5591", "CVE-2010-1199", "CVE-2012-4204", "CVE-2013-5602", "CVE-2011-2985", "CVE-2012-4192", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2013-0774", "CVE-2008-5024", "CVE-2013-0753", "CVE-2012-5833", "CVE-2014-1557", "CVE-2013-1736", "CVE-2014-1526", "CVE-2013-0776", "CVE-2012-3964", "CVE-2013-5593", "CVE-2014-1550", "CVE-2013-1718", "CVE-2012-5841", "CVE-2014-1533", "CVE-2013-1717", "CVE-2010-2754", "CVE-2008-5507", "CVE-2012-3990", "CVE-2014-1491", "CVE-2013-6672", "CVE-2013-5614", "CVE-2008-4065", "CVE-2013-1693", "CVE-2010-2760", "CVE-2013-0750", "CVE-2012-1937", "CVE-2014-1560", "CVE-2012-4215", "CVE-2013-6629", "CVE-2012-0463", "CVE-2013-1677", "CVE-2011-2991", "CVE-2013-0770", "CVE-2013-0793", "CVE-2012-4179", "CVE-2011-3001", "CVE-2014-1483", "CVE-2014-1489", "CVE-2011-3062", "CVE-2012-0477", "CVE-2013-1722", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2013-1710", "CVE-2012-0467", "CVE-2012-0458", "CVE-2013-0758", "CVE-2013-5600", "CVE-2010-2752", "CVE-2014-1499", "CVE-2014-1518", "CVE-2012-0471", "CVE-2012-3961", "CVE-2014-1561", "CVE-2012-3971", "CVE-2013-0764", "CVE-2014-1528", "CVE-2013-5618", "CVE-2011-0072"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850607", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850607", "sourceData": "# Copyright (C) 2014 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850607\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-09-10 05:54:29 +0200 (Wed, 10 Sep 2014)\");\n script_cve_id(\"CVE-2007-3089\", \"CVE-2007-3285\", \"CVE-2007-3656\", \"CVE-2007-3670\",\n \"CVE-2007-3734\", \"CVE-2007-3735\", \"CVE-2007-3736\", \"CVE-2007-3737\",\n \"CVE-2007-3738\", \"CVE-2008-0016\", \"CVE-2008-1233\", \"CVE-2008-1234\",\n \"CVE-2008-1235\", \"CVE-2008-1236\", \"CVE-2008-1237\", \"CVE-2008-3835\",\n \"CVE-2008-4058\", \"CVE-2008-4059\", \"CVE-2008-4060\", \"CVE-2008-4061\",\n \"CVE-2008-4062\", \"CVE-2008-4063\", \"CVE-2008-4064\", \"CVE-2008-4065\",\n \"CVE-2008-4066\", \"CVE-2008-4067\", \"CVE-2008-4068\", \"CVE-2008-4070\",\n \"CVE-2008-5012\", \"CVE-2008-5014\", \"CVE-2008-5016\", \"CVE-2008-5017\",\n \"CVE-2008-5018\", \"CVE-2008-5021\", \"CVE-2008-5022\", \"CVE-2008-5024\",\n \"CVE-2008-5500\", \"CVE-2008-5501\", \"CVE-2008-5502\", \"CVE-2008-5503\",\n \"CVE-2008-5506\", \"CVE-2008-5507\", \"CVE-2008-5508\", \"CVE-2008-5510\",\n \"CVE-2008-5511\", \"CVE-2008-5512\", \"CVE-2009-0040\", \"CVE-2009-0771\",\n \"CVE-2009-0772\", \"CVE-2009-0773\", \"CVE-2009-0774\", \"CVE-2009-0776\",\n \"CVE-2009-1571\", \"CVE-2009-3555\", \"CVE-2010-0159\", \"CVE-2010-0173\",\n \"CVE-2010-0174\", \"CVE-2010-0175\", \"CVE-2010-0176\", \"CVE-2010-0182\",\n \"CVE-2010-0654\", \"CVE-2010-1121\", \"CVE-2010-1196\", \"CVE-2010-1199\",\n \"CVE-2010-1200\", \"CVE-2010-1201\", \"CVE-2010-1202\", \"CVE-2010-1203\",\n \"CVE-2010-1205\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\",\n \"CVE-2010-1585\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\",\n \"CVE-2010-2760\", \"CVE-2010-2762\", \"CVE-2010-2764\", \"CVE-2010-2765\",\n \"CVE-2010-2766\", \"CVE-2010-2767\", \"CVE-2010-2768\", \"CVE-2010-2769\",\n \"CVE-2010-3166\", \"CVE-2010-3167\", \"CVE-2010-3168\", \"CVE-2010-3169\",\n \"CVE-2010-3170\", \"CVE-2010-3173\", \"CVE-2010-3174\", \"CVE-2010-3175\",\n \"CVE-2010-3176\", \"CVE-2010-3178\", \"CVE-2010-3179\", \"CVE-2010-3180\",\n \"CVE-2010-3182\", \"CVE-2010-3183\", \"CVE-2010-3765\", \"CVE-2010-3768\",\n \"CVE-2010-3769\", \"CVE-2010-3776\", \"CVE-2010-3777\", \"CVE-2010-3778\",\n \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\", \"CVE-2011-0069\",\n \"CVE-2011-0070\", \"CVE-2011-0072\", \"CVE-2011-0074\", \"CVE-2011-0075\",\n \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\",\n \"CVE-2011-0083\", \"CVE-2011-0084\", \"CVE-2011-0085\", \"CVE-2011-1187\",\n \"CVE-2011-2362\", \"CVE-2011-2363\", \"CVE-2011-2364\", \"CVE-2011-2365\",\n \"CVE-2011-2371\", \"CVE-2011-2372\", \"CVE-2011-2373\", \"CVE-2011-2374\",\n \"CVE-2011-2376\", \"CVE-2011-2377\", \"CVE-2011-2985\", \"CVE-2011-2986\",\n \"CVE-2011-2987\", \"CVE-2011-2988\", \"CVE-2011-2989\", \"CVE-2011-2991\",\n \"CVE-2011-2992\", \"CVE-2011-3000\", \"CVE-2011-3001\", \"CVE-2011-3005\",\n \"CVE-2011-3026\", \"CVE-2011-3062\", \"CVE-2011-3101\", \"CVE-2011-3232\",\n \"CVE-2011-3648\", \"CVE-2011-3650\", \"CVE-2011-3651\", \"CVE-2011-3652\",\n \"CVE-2011-3654\", \"CVE-2011-3655\", \"CVE-2011-3658\", \"CVE-2011-3659\",\n \"CVE-2011-3660\", \"CVE-2011-3661\", \"CVE-2011-3663\", \"CVE-2012-0441\",\n \"CVE-2012-0442\", \"CVE-2012-0443\", \"CVE-2012-0444\", \"CVE-2012-0445\",\n \"CVE-2012-0446\", \"CVE-2012-0447\", \"CVE-2012-0449\", \"CVE-2012-0451\",\n \"CVE-2012-0452\", \"CVE-2012-0455\", \"CVE-2012-0456\", \"CVE-2012-0457\",\n \"CVE-2012-0458\", \"CVE-2012-0459\", \"CVE-2012-0460\", \"CVE-2012-0461\",\n \"CVE-2012-0462\", \"CVE-2012-0463\", \"CVE-2012-0464\", \"CVE-2012-0467\",\n \"CVE-2012-0468\", \"CVE-2012-0469\", \"CVE-2012-0470\", \"CVE-2012-0471\",\n \"CVE-2012-0472\", \"CVE-2012-0473\", \"CVE-2012-0474\", \"CVE-2012-0475\",\n \"CVE-2012-0477\", \"CVE-2012-0478\", \"CVE-2012-0479\", \"CVE-2012-0759\",\n \"CVE-2012-1937\", \"CVE-2012-1938\", \"CVE-2012-1940\", \"CVE-2012-1941\",\n \"CVE-2012-1944\", \"CVE-2012-1945\", \"CVE-2012-1946\", \"CVE-2012-1947\",\n \"CVE-2012-1948\", \"CVE-2012-1949\", \"CVE-2012-1951\", \"CVE-2012-1952\",\n \"CVE-2012-1953\", \"CVE-2012-1954\", \"CVE-2012-1955\", \"CVE-2012-1956\",\n \"CVE-2012-1957\", \"CVE-2012-1958\", \"CVE-2012-1959\", \"CVE-2012-1960\",\n \"CVE-2012-1961\", \"CVE-2012-1962\", \"CVE-2012-1963\", \"CVE-2012-1967\",\n \"CVE-2012-1970\", \"CVE-2012-1972\", \"CVE-2012-1973\", \"CVE-2012-1974\",\n \"CVE-2012-1975\", \"CVE-2012-1976\", \"CVE-2012-3956\", \"CVE-2012-3957\",\n \"CVE-2012-3958\", \"CVE-2012-3959\", \"CVE-2012-3960\", \"CVE-2012-3961\",\n \"CVE-2012-3962\", \"CVE-2012-3963\", \"CVE-2012-3964\", \"CVE-2012-3966\",\n \"CVE-2012-3967\", \"CVE-2012-3968\", \"CVE-2012-3969\", \"CVE-2012-3970\",\n \"CVE-2012-3971\", \"CVE-2012-3972\", \"CVE-2012-3975\", \"CVE-2012-3978\",\n \"CVE-2012-3980\", \"CVE-2012-3982\", \"CVE-2012-3983\", \"CVE-2012-3984\",\n \"CVE-2012-3985\", \"CVE-2012-3986\", \"CVE-2012-3988\", \"CVE-2012-3989\",\n \"CVE-2012-3990\", \"CVE-2012-3991\", \"CVE-2012-3992\", \"CVE-2012-3993\",\n \"CVE-2012-3994\", \"CVE-2012-3995\", \"CVE-2012-4179\", \"CVE-2012-4180\",\n \"CVE-2012-4181\", \"CVE-2012-4182\", \"CVE-2012-4183\", \"CVE-2012-4184\",\n \"CVE-2012-4185\", \"CVE-2012-4186\", \"CVE-2012-4187\", \"CVE-2012-4188\",\n \"CVE-2012-4191\", \"CVE-2012-4192\", \"CVE-2012-4193\", \"CVE-2012-4194\",\n \"CVE-2012-4195\", \"CVE-2012-4196\", \"CVE-2012-4201\", \"CVE-2012-4202\",\n \"CVE-2012-4204\", \"CVE-2012-4205\", \"CVE-2012-4207\", \"CVE-2012-4208\",\n \"CVE-2012-4209\", \"CVE-2012-4212\", \"CVE-2012-4213\", \"CVE-2012-4214\",\n \"CVE-2012-4215\", \"CVE-2012-4216\", \"CVE-2012-4217\", \"CVE-2012-4218\",\n \"CVE-2012-5829\", \"CVE-2012-5830\", \"CVE-2012-5833\", \"CVE-2012-5835\",\n \"CVE-2012-5836\", \"CVE-2012-5837\", \"CVE-2012-5838\", \"CVE-2012-5839\",\n \"CVE-2012-5840\", \"CVE-2012-5841\", \"CVE-2012-5842\", \"CVE-2012-5843\",\n \"CVE-2013-0743\", \"CVE-2013-0744\", \"CVE-2013-0745\", \"CVE-2013-0746\",\n \"CVE-2013-0747\", \"CVE-2013-0748\", \"CVE-2013-0749\", \"CVE-2013-0750\",\n \"CVE-2013-0752\", \"CVE-2013-0753\", \"CVE-2013-0754\", \"CVE-2013-0755\",\n \"CVE-2013-0756\", \"CVE-2013-0757\", \"CVE-2013-0758\", \"CVE-2013-0760\",\n \"CVE-2013-0761\", \"CVE-2013-0762\", \"CVE-2013-0763\", \"CVE-2013-0764\",\n \"CVE-2013-0766\", \"CVE-2013-0767\", \"CVE-2013-0768\", \"CVE-2013-0769\",\n \"CVE-2013-0770\", \"CVE-2013-0771\", \"CVE-2013-0773\", \"CVE-2013-0774\",\n \"CVE-2013-0775\", \"CVE-2013-0776\", \"CVE-2013-0780\", \"CVE-2013-0782\",\n \"CVE-2013-0783\", \"CVE-2013-0787\", \"CVE-2013-0788\", \"CVE-2013-0789\",\n \"CVE-2013-0793\", \"CVE-2013-0795\", \"CVE-2013-0796\", \"CVE-2013-0800\",\n \"CVE-2013-0801\", \"CVE-2013-1669\", \"CVE-2013-1670\", \"CVE-2013-1674\",\n \"CVE-2013-1675\", \"CVE-2013-1676\", \"CVE-2013-1677\", \"CVE-2013-1678\",\n \"CVE-2013-1679\", \"CVE-2013-1680\", \"CVE-2013-1681\", \"CVE-2013-1682\",\n \"CVE-2013-1684\", \"CVE-2013-1685\", \"CVE-2013-1686\", \"CVE-2013-1687\",\n \"CVE-2013-1690\", \"CVE-2013-1692\", \"CVE-2013-1693\", \"CVE-2013-1694\",\n \"CVE-2013-1697\", \"CVE-2013-1701\", \"CVE-2013-1709\", \"CVE-2013-1710\",\n \"CVE-2013-1713\", \"CVE-2013-1714\", \"CVE-2013-1717\", \"CVE-2013-1718\",\n \"CVE-2013-1719\", \"CVE-2013-1720\", \"CVE-2013-1722\", \"CVE-2013-1723\",\n \"CVE-2013-1724\", \"CVE-2013-1725\", \"CVE-2013-1728\", \"CVE-2013-1730\",\n \"CVE-2013-1732\", \"CVE-2013-1735\", \"CVE-2013-1736\", \"CVE-2013-1737\",\n \"CVE-2013-1738\", \"CVE-2013-5590\", \"CVE-2013-5591\", \"CVE-2013-5592\",\n \"CVE-2013-5593\", \"CVE-2013-5595\", \"CVE-2013-5596\", \"CVE-2013-5597\",\n \"CVE-2013-5599\", \"CVE-2013-5600\", \"CVE-2013-5601\", \"CVE-2013-5602\",\n \"CVE-2013-5603\", \"CVE-2013-5604\", \"CVE-2013-5609\", \"CVE-2013-5610\",\n \"CVE-2013-5611\", \"CVE-2013-5612\", \"CVE-2013-5613\", \"CVE-2013-5614\",\n \"CVE-2013-5615\", \"CVE-2013-5616\", \"CVE-2013-5618\", \"CVE-2013-5619\",\n \"CVE-2013-6629\", \"CVE-2013-6630\", \"CVE-2013-6671\", \"CVE-2013-6672\",\n \"CVE-2013-6673\", \"CVE-2014-1477\", \"CVE-2014-1478\", \"CVE-2014-1479\",\n \"CVE-2014-1480\", \"CVE-2014-1481\", \"CVE-2014-1482\", \"CVE-2014-1483\",\n \"CVE-2014-1484\", \"CVE-2014-1485\", \"CVE-2014-1486\", \"CVE-2014-1487\",\n \"CVE-2014-1488\", \"CVE-2014-1489\", \"CVE-2014-1490\", \"CVE-2014-1491\",\n \"CVE-2014-1492\", \"CVE-2014-1493\", \"CVE-2014-1494\", \"CVE-2014-1497\",\n \"CVE-2014-1498\", \"CVE-2014-1499\", \"CVE-2014-1500\", \"CVE-2014-1502\",\n \"CVE-2014-1504\", \"CVE-2014-1505\", \"CVE-2014-1508\", \"CVE-2014-1509\",\n \"CVE-2014-1510\", \"CVE-2014-1511\", \"CVE-2014-1512\", \"CVE-2014-1513\",\n \"CVE-2014-1514\", \"CVE-2014-1518\", \"CVE-2014-1519\", \"CVE-2014-1522\",\n \"CVE-2014-1523\", \"CVE-2014-1524\", \"CVE-2014-1525\", \"CVE-2014-1526\",\n \"CVE-2014-1528\", \"CVE-2014-1529\", \"CVE-2014-1530\", \"CVE-2014-1531\",\n \"CVE-2014-1532\", \"CVE-2014-1533\", \"CVE-2014-1534\", \"CVE-2014-1536\",\n \"CVE-2014-1537\", \"CVE-2014-1538\", \"CVE-2014-1539\", \"CVE-2014-1540\",\n \"CVE-2014-1541\", \"CVE-2014-1542\", \"CVE-2014-1543\", \"CVE-2014-1544\",\n \"CVE-2014-1545\", \"CVE-2014-1547\", \"CVE-2014-1548\", \"CVE-2014-1549\",\n \"CVE-2014-1550\", \"CVE-2014-1552\", \"CVE-2014-1553\", \"CVE-2014-1555\",\n \"CVE-2014-1556\", \"CVE-2014-1557\", \"CVE-2014-1558\", \"CVE-2014-1559\",\n \"CVE-2014-1560\", \"CVE-2014-1561\", \"CVE-2014-1562\", \"CVE-2014-1563\",\n \"CVE-2014-1564\", \"CVE-2014-1565\", \"CVE-2014-1567\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for Firefox (openSUSE-SU-2014:1100-1)\");\n\n script_tag(name:\"insight\", value:\"This patch contains security updates for\n\n * mozilla-nss 3.16.4\n\n - The following 1024-bit root CA certificate was restored to allow more\n time to develop a better transition strategy for affected sites. It\n was removed in NSS 3.16.3, but discussion in the\n mozilla.dev.security.policy forum led to the decision to keep this\n root included longer in order to give website administrators more time\n to update their web servers.\n\n - CN = GTE CyberTrust Global Root\n\n * In NSS 3.16.3, the 1024-bit 'Entrust.net Secure Server Certification\n Authority' root CA certificate was removed. In NSS 3.16.4, a 2048-bit\n intermediate CA certificate has been included, without explicit trust.\n The intention is to mitigate the effects of the previous removal of\n the 1024-bit Entrust.net root certificate, because many public\n Internet sites still use the 'USERTrust Legacy Secure Server CA'\n intermediate certificate that is signed by the 1024-bit Entrust.net\n root certificate. The inclusion of the intermediate certificate is a\n temporary measure to allow those sites to function, by allowing them\n to find a trust path to another 2048-bit root CA certificate. The\n temporarily included intermediate certificate expires November 1, 2015.\n\n * Firefox 31.1esr Firefox is updated from 24esr to 31esr as maintenance\n for version 24 stopped\");\n\n script_tag(name:\"affected\", value:\"Firefox on openSUSE 11.4\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2014:1100-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE11\\.4\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE11.4\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~24.8.0~127.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~24.8.0~127.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~24.8.0~127.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~24.8.0~127.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~24.8.0~127.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~24.8.0~127.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~24.8.0~127.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~24.8.0~127.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3\", rpm:\"libfreebl3~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo\", rpm:\"libfreebl3-debuginfo~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3\", rpm:\"libsoftokn3~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo\", rpm:\"libsoftokn3-debuginfo~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss\", rpm:\"mozilla-nss~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs\", rpm:\"mozilla-nss-certs~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo\", rpm:\"mozilla-nss-certs-debuginfo~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo\", rpm:\"mozilla-nss-debuginfo~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debugsource\", rpm:\"mozilla-nss-debugsource~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-devel\", rpm:\"mozilla-nss-devel~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit\", rpm:\"mozilla-nss-sysinit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo\", rpm:\"mozilla-nss-sysinit-debuginfo~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools\", rpm:\"mozilla-nss-tools~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-tools-debuginfo\", rpm:\"mozilla-nss-tools-debuginfo~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-32bit\", rpm:\"libfreebl3-32bit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-32bit\", rpm:\"libfreebl3-debuginfo-32bit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-32bit\", rpm:\"libsoftokn3-32bit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-32bit\", rpm:\"libsoftokn3-debuginfo-32bit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-32bit\", rpm:\"mozilla-nss-32bit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-32bit\", rpm:\"mozilla-nss-certs-32bit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-32bit\", rpm:\"mozilla-nss-certs-debuginfo-32bit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-32bit\", rpm:\"mozilla-nss-debuginfo-32bit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-32bit\", rpm:\"mozilla-nss-sysinit-32bit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo-32bit\", rpm:\"mozilla-nss-sysinit-debuginfo-32bit~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-debuginfo-x86\", rpm:\"libfreebl3-debuginfo-x86~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libfreebl3-x86\", rpm:\"libfreebl3-x86~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-debuginfo-x86\", rpm:\"libsoftokn3-debuginfo-x86~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libsoftokn3-x86\", rpm:\"libsoftokn3-x86~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-debuginfo-x86\", rpm:\"mozilla-nss-certs-debuginfo-x86~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-certs-x86\", rpm:\"mozilla-nss-certs-x86~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-debuginfo-x86\", rpm:\"mozilla-nss-debuginfo-x86~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-debuginfo-x86\", rpm:\"mozilla-nss-sysinit-debuginfo-x86~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-sysinit-x86\", rpm:\"mozilla-nss-sysinit-x86~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mozilla-nss-x86\", rpm:\"mozilla-nss-x86~3.16.4~94.1\", rls:\"openSUSE11.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-08-19T13:00:55", "description": "Versions of Firefox 4.0.x earlier than 4.0.1 are potentially affected by multiple vulnerabilities : \n\nMultiple memory corruption issues could lead to arbitrary code execution. (MFSA2011-12)\n - Multiple vulnerabilities in the WebGL feature and WebGLES could be exploited to execute arbitrary code or bypass ASLR protection on Windows. (MFSA2011-17) - The XSLT 'generate-id()' function returned a string that revealed a specific valid address of an object on the memory heap. (MFSA2011-18)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2011-04-29T00:00:00", "type": "nessus", "title": "Mozilla Firefox 4.0.x < 4.0.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0070", "CVE-2011-0081", "CVE-2011-0069", "CVE-2011-1202", "CVE-2011-0079", "CVE-2011-0068"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"], "id": "5902.PRM", "href": "https://www.tenable.com/plugins/nnm/5902", "sourceData": "Binary data 5902.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:05", "description": "The installed version of Firefox 4.0 is earlier than 4.0.1. As such, it is potentially affected by the following security issues :\n\n - A buffer overflow exists in the WebGLES library.\n Additionally, the Windows version was not compiled with ASLR enabled. (CVE-2011-0068)\n\n - Multiple memory safety issues can lead to application crashes and possibly remote code execution.\n (CVE-2011-0069, CVE-2011-0070, CVE-2011-0079, CVE-2011-0081)\n\n - An information disclosure vulnerability exists in the 'xsltGenerateIdFunction' function in the included libxslt library. (CVE-2011-1202)", "cvss3": {"score": null, "vector": null}, "published": "2011-04-29T00:00:00", "type": "nessus", "title": "Firefox 4.0 < 4.0.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0068", "CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0079", "CVE-2011-0081", "CVE-2011-1202"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_401.NASL", "href": "https://www.tenable.com/plugins/nessus/53595", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53595);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\n\n script_cve_id(\n \"CVE-2011-0068\",\n \"CVE-2011-0069\",\n \"CVE-2011-0070\",\n \"CVE-2011-0079\",\n \"CVE-2011-0081\",\n \"CVE-2011-1202\"\n );\n script_bugtraq_id(\n 47641,\n 47646,\n 47648,\n 47651,\n 47653,\n 47654,\n 47655,\n 47656,\n 47657,\n 47659,\n 47661,\n 47662,\n 47663,\n 47667,\n 47668\n );\n script_xref(name:\"Secunia\", value:\"44406\");\n\n script_name(english:\"Firefox 4.0 < 4.0.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Firefox 4.0 is earlier than 4.0.1. As such,\nit is potentially affected by the following security issues :\n\n - A buffer overflow exists in the WebGLES library.\n Additionally, the Windows version was not compiled\n with ASLR enabled. (CVE-2011-0068)\n\n - Multiple memory safety issues can lead to application\n crashes and possibly remote code execution.\n (CVE-2011-0069, CVE-2011-0070, CVE-2011-0079,\n CVE-2011-0081)\n\n - An information disclosure vulnerability exists in the\n 'xsltGenerateIdFunction' function in the included\n libxslt library. (CVE-2011-1202)\");\n\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-12/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-17/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-18/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?12d3777c\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Firefox 4.0.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Mozilla Firefox \"nsTreeRange\" Dangling Pointer Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\n\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'4.0.1', min:'4.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:00:54", "description": "Versions of Firefox 4.0.x earlier than 4.0.1 are potentially affected by multiple vulnerabilities : \n\nMultiple memory corruption issues could lead to arbitrary code execution. (MFSA2011-12)\n\n - Multiple vulnerabilities in the WebGL feature and WebGLES could be exploited to execute arbitrary code or bypass ASLR protection on Windows. (MFSA2011-17) - The XSLT 'generate-id()' function returned a string that revealed a specific valid address of an object on the memory heap. (MFSA2011-18)", "cvss3": {"score": null, "vector": null}, "published": "2011-04-29T00:00:00", "type": "nessus", "title": "Mozilla Firefox 4.0.x < 4.0.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0070", "CVE-2011-0081", "CVE-2011-0069", "CVE-2011-1202", "CVE-2011-0079", "CVE-2011-0068"], "modified": "2011-04-29T00:00:00", "cpe": [], "id": "801264.PRM", "href": "https://www.tenable.com/plugins/lce/801264", "sourceData": "Binary data 801264.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:49:34", "description": "Mozilla Firefox was updated to the 4.0.1 security release.\n\nMFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Credits\n\nMozilla developers Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, Nils, Scoobidiver, and Ted Mielczarek reported memory safety issues which affected Firefox 4. (CVE-2011-0079)\n\nMozilla developer Scoobidiver reported a memory safety issue which affected Firefox 4 and Firefox 3.6 (CVE-2011-0081)\n\nIan Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0070)\n\nMFSA 2011-17 / CVE-2011-0068: Two crashes that could potentially be exploited to run malicious code were found in the WebGL feature and fixed in Firefox 4.0.1. In addition the WebGLES libraries could potentially be used to bypass a security feature of recent Windows versions. The WebGL feature was introduced in Firefox 4; older versions are not affected by these issues.\n\nNils reported that the WebGLES libraries in the Windows version of Firefox were compiled without ASLR protection. An attacker who found an exploitable memory corruption flaw could then use these libraries to bypass ASLR on Windows Vista and Windows 7, making the flaw as exploitable on those platforms as it would be on Windows XP or other platforms.\n\nMozilla researcher Christoph Diehl reported a potentially exploitable buffer overflow in the WebGLES library\n\nYuri Ko reported a potentially exploitable overwrite in the WebGLES library to the Chrome Secuity Team. We thank them for coordinating with us on this fix.\n\nMFSA 2011-18 / CVE-2011-1202: Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaFirefox (MozillaFirefox-4457)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0068", "CVE-2011-0070", "CVE-2011-0079", "CVE-2011-0081", "CVE-2011-1202"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaFirefox", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream", "p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo", "p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox-devel", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other", "p-cpe:/a:novell:opensuse:mozilla-js20", "p-cpe:/a:novell:opensuse:mozilla-js20-32bit", "p-cpe:/a:novell:opensuse:mozilla-js20-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-js20-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-buildsymbols", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-debugsource", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-devel", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-devel-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-gnome", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-gnome-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-gnome-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-gnome-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-translations-common", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-translations-common-32bit", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-translations-other", "p-cpe:/a:novell:opensuse:mozilla-xulrunner20-translations-other-32bit", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_MOZILLAFIREFOX-110429.NASL", "href": "https://www.tenable.com/plugins/nessus/75944", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaFirefox-4457.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75944);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0068\", \"CVE-2011-0070\", \"CVE-2011-0079\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n\n script_name(english:\"openSUSE Security Update : MozillaFirefox (MozillaFirefox-4457)\");\n script_summary(english:\"Check for the MozillaFirefox-4457 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox was updated to the 4.0.1 security release.\n\nMFSA 2011-12: Mozilla developers identified and fixed several memory\nsafety bugs in the browser engine used in Firefox and other\nMozilla-based products. Some of these bugs showed evidence of memory\ncorruption under certain circumstances, and we presume that with\nenough effort at least some of these could be exploited to run\narbitrary code. Credits\n\nMozilla developers Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael\nWu, Nils, Scoobidiver, and Ted Mielczarek reported memory safety\nissues which affected Firefox 4. (CVE-2011-0079)\n\nMozilla developer Scoobidiver reported a memory safety issue which\naffected Firefox 4 and Firefox 3.6 (CVE-2011-0081)\n\nIan Beer reported a crash that affected Firefox 4, Firefox 3.6 and\nFirefox 3.5. (CVE-2011-0070)\n\nMFSA 2011-17 / CVE-2011-0068: Two crashes that could potentially be\nexploited to run malicious code were found in the WebGL feature and\nfixed in Firefox 4.0.1. In addition the WebGLES libraries could\npotentially be used to bypass a security feature of recent Windows\nversions. The WebGL feature was introduced in Firefox 4; older\nversions are not affected by these issues.\n\nNils reported that the WebGLES libraries in the Windows version of\nFirefox were compiled without ASLR protection. An attacker who found\nan exploitable memory corruption flaw could then use these libraries\nto bypass ASLR on Windows Vista and Windows 7, making the flaw as\nexploitable on those platforms as it would be on Windows XP or other\nplatforms.\n\nMozilla researcher Christoph Diehl reported a potentially exploitable\nbuffer overflow in the WebGLES library\n\nYuri Ko reported a potentially exploitable overwrite in the WebGLES\nlibrary to the Chrome Secuity Team. We thank them for coordinating\nwith us on this fix.\n\nMFSA 2011-18 / CVE-2011-1202: Chris Evans of the Chrome Security Team\nreported that the XSLT generate-id() function returned a string that\nrevealed a specific valid address of an object on the memory heap. It\nis possible that in some cases this address would be valuable\ninformation that could be used by an attacker while exploiting a\ndifferent memory corruption but, in order to make an exploit more\nreliable or work around mitigation features in the browser or\noperating system.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=689281\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaFirefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js20-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js20-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-gnome\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-gnome-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-gnome-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-gnome-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-translations-common-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-xulrunner20-translations-other-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-4.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-branding-upstream-4.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-debuginfo-4.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-debugsource-4.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-devel-4.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-translations-common-4.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaFirefox-translations-other-4.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-js20-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-js20-debuginfo-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner20-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner20-buildsymbols-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner20-debuginfo-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner20-debugsource-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner20-devel-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner20-devel-debuginfo-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner20-gnome-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner20-gnome-debuginfo-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner20-translations-common-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"mozilla-xulrunner20-translations-other-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-js20-32bit-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-js20-debuginfo-32bit-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner20-32bit-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner20-debuginfo-32bit-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner20-gnome-32bit-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner20-gnome-debuginfo-32bit-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner20-translations-common-32bit-2.0.1-0.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"mozilla-xulrunner20-translations-other-32bit-2.0.1-0.2.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaFirefox\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:00:54", "description": "Versions of Thunderbird 3.1.x earlier than 3.1.10 are potentially affected by multiple vulnerabilities :\n\n - Multiple memory corruption issues could lead to arbitrary code execution. (MFSA2011-12)\n\n - The 'resource:' protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. (MFSA2011-16)", "cvss3": {"score": null, "vector": null}, "published": "2011-04-29T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird 3.1.x < 3.1.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0070", "CVE-2011-0071", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0077", "CVE-2011-0078", "CVE-2011-0080", "CVE-2011-0081", "CVE-2011-0069", "CVE-2011-0072", "CVE-2011-0079"], "modified": "2011-04-29T00:00:00", "cpe": [], "id": "801271.PRM", "href": "https://www.tenable.com/plugins/lce/801271", "sourceData": "Binary data 801271.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:00:55", "description": "Versions of Mozilla Thunderbird 3.1.x prior to 3.1.10 are affected by the following vulnerabilities :\n\n - Multiple memory corruption issues could lead to arbitrary code execution. (MFSA2011-12)\n - The 'resource:' protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. (MFSA2011-16)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2011-04-29T00:00:00", "type": "nessus", "title": "Mozilla Thunderbird 3.1.x < 3.1.10 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0070", "CVE-2011-0071", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0077", "CVE-2011-0078", "CVE-2011-0080", "CVE-2011-0081", "CVE-2011-0069", "CVE-2011-0072", "CVE-2011-0079"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"], "id": "5903.PRM", "href": "https://www.tenable.com/plugins/nnm/5903", "sourceData": "Binary data 5903.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:49:45", "description": "Mozilla Thunderbird was updated to the 3.1.10 security release.\n\nMFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Credits\n\nMozilla developer Scoobidiver reported a memory safety issue which affected Firefox 4 and Firefox 3.6 (CVE-2011-0081)\n\nThe web development team of Alcidion reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069)\n\nIan Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0070)\n\nMozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080)\n\nAki Helin reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0074 , CVE-2011-0075)\n\nIan Beer reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0077 , CVE-2011-0078)\n\nMartin Barbella reported a memory safety issue which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0072)", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4458)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0072", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0077", "CVE-2011-0078", "CVE-2011-0080", "CVE-2011-0081"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "p-cpe:/a:novell:opensuse:enigmail", "p-cpe:/a:novell:opensuse:enigmail-debuginfo", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_MOZILLATHUNDERBIRD-110429.NASL", "href": "https://www.tenable.com/plugins/nessus/75964", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaThunderbird-4458.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75964);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0072\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4458)\");\n script_summary(english:\"Check for the MozillaThunderbird-4458 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Thunderbird was updated to the 3.1.10 security release.\n\nMFSA 2011-12: Mozilla developers identified and fixed several memory\nsafety bugs in the browser engine used in Firefox and other\nMozilla-based products. Some of these bugs showed evidence of memory\ncorruption under certain circumstances, and we presume that with\nenough effort at least some of these could be exploited to run\narbitrary code. Credits\n\nMozilla developer Scoobidiver reported a memory safety issue which\naffected Firefox 4 and Firefox 3.6 (CVE-2011-0081)\n\nThe web development team of Alcidion reported a crash that affected\nFirefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069)\n\nIan Beer reported a crash that affected Firefox 4, Firefox 3.6 and\nFirefox 3.5. (CVE-2011-0070)\n\nMozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats\nPalmgren and Jesse Ruderman reported memory safety issues which\naffected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080)\n\nAki Helin reported memory safety issues which affected Firefox 3.6 and\nFirefox 3.5. (CVE-2011-0074 , CVE-2011-0075)\n\nIan Beer reported memory safety issues which affected Firefox 3.6 and\nFirefox 3.5. (CVE-2011-0077 , CVE-2011-0078)\n\nMartin Barbella reported a memory safety issue which affected Firefox\n3.6 and Firefox 3.5. (CVE-2011-0072)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=689281\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:enigmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:enigmail-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaThunderbird-3.1.10-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaThunderbird-buildsymbols-3.1.10-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaThunderbird-debuginfo-3.1.10-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaThunderbird-debugsource-3.1.10-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaThunderbird-devel-3.1.10-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaThunderbird-devel-debuginfo-3.1.10-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaThunderbird-translations-common-3.1.10-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"MozillaThunderbird-translations-other-3.1.10-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"enigmail-1.1.2-9.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"enigmail-debuginfo-1.1.2-9.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:49:35", "description": "Mozilla Thunderbird was updated to the 3.1.10 security release.\n\nMFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Credits\n\nMozilla developer Scoobidiver reported a memory safety issue which affected Firefox 4 and Firefox 3.6 (CVE-2011-0081)\n\nThe web development team of Alcidion reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069)\n\nIan Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0070)\n\nMozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080)\n\nAki Helin reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0074 , CVE-2011-0075)\n\nIan Beer reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0077 , CVE-2011-0078)\n\nMartin Barbella reported a memory safety issue which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0072)", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4458)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0072", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0077", "CVE-2011-0078", "CVE-2011-0080", "CVE-2011-0081"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "p-cpe:/a:novell:opensuse:enigmail", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_MOZILLATHUNDERBIRD-110429.NASL", "href": "https://www.tenable.com/plugins/nessus/75664", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaThunderbird-4458.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75664);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0072\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4458)\");\n script_summary(english:\"Check for the MozillaThunderbird-4458 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Thunderbird was updated to the 3.1.10 security release.\n\nMFSA 2011-12: Mozilla developers identified and fixed several memory\nsafety bugs in the browser engine used in Firefox and other\nMozilla-based products. Some of these bugs showed evidence of memory\ncorruption under certain circumstances, and we presume that with\nenough effort at least some of these could be exploited to run\narbitrary code. Credits\n\nMozilla developer Scoobidiver reported a memory safety issue which\naffected Firefox 4 and Firefox 3.6 (CVE-2011-0081)\n\nThe web development team of Alcidion reported a crash that affected\nFirefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069)\n\nIan Beer reported a crash that affected Firefox 4, Firefox 3.6 and\nFirefox 3.5. (CVE-2011-0070)\n\nMozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats\nPalmgren and Jesse Ruderman reported memory safety issues which\naffected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080)\n\nAki Helin reported memory safety issues which affected Firefox 3.6 and\nFirefox 3.5. (CVE-2011-0074 , CVE-2011-0075)\n\nIan Beer reported memory safety issues which affected Firefox 3.6 and\nFirefox 3.5. (CVE-2011-0077 , CVE-2011-0078)\n\nMartin Barbella reported a memory safety issue which affected Firefox\n3.6 and Firefox 3.5. (CVE-2011-0072)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=689281\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:enigmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"MozillaThunderbird-3.1.10-0.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"MozillaThunderbird-devel-3.1.10-0.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"MozillaThunderbird-translations-common-3.1.10-0.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"MozillaThunderbird-translations-other-3.1.10-0.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"enigmail-1.1.2-9.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:04", "description": "Mozilla Thunderbird was updated to the 3.1.10 security release.\n\nMFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Credits\n\nMozilla developer Scoobidiver reported a memory safety issue which affected Firefox 4 and Firefox 3.6 (CVE-2011-0081)\n\nThe web development team of Alcidion reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069)\n\nIan Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0070)\n\nMozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080)\n\nAki Helin reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0074 , CVE-2011-0075)\n\nIan Beer reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0077 , CVE-2011-0078)\n\nMartin Barbella reported a memory safety issue which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0072)", "cvss3": {"score": null, "vector": null}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4458)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0072", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0077", "CVE-2011-0078", "CVE-2011-0080", "CVE-2011-0081"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "p-cpe:/a:novell:opensuse:enigmail", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_MOZILLATHUNDERBIRD-110429.NASL", "href": "https://www.tenable.com/plugins/nessus/53775", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update MozillaThunderbird-4458.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53775);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0072\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\");\n\n script_name(english:\"openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4458)\");\n script_summary(english:\"Check for the MozillaThunderbird-4458 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Thunderbird was updated to the 3.1.10 security release.\n\nMFSA 2011-12: Mozilla developers identified and fixed several memory\nsafety bugs in the browser engine used in Firefox and other\nMozilla-based products. Some of these bugs showed evidence of memory\ncorruption under certain circumstances, and we presume that with\nenough effort at least some of these could be exploited to run\narbitrary code. Credits\n\nMozilla developer Scoobidiver reported a memory safety issue which\naffected Firefox 4 and Firefox 3.6 (CVE-2011-0081)\n\nThe web development team of Alcidion reported a crash that affected\nFirefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069)\n\nIan Beer reported a crash that affected Firefox 4, Firefox 3.6 and\nFirefox 3.5. (CVE-2011-0070)\n\nMozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats\nPalmgren and Jesse Ruderman reported memory safety issues which\naffected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080)\n\nAki Helin reported memory safety issues which affected Firefox 3.6 and\nFirefox 3.5. (CVE-2011-0074 , CVE-2011-0075)\n\nIan Beer reported memory safety issues which affected Firefox 3.6 and\nFirefox 3.5. (CVE-2011-0077 , CVE-2011-0078)\n\nMartin Barbella reported a memory safety issue which affected Firefox\n3.6 and Firefox 3.5. (CVE-2011-0072)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=689281\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected MozillaThunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:enigmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"MozillaThunderbird-3.1.10-0.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"MozillaThunderbird-devel-3.1.10-0.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"MozillaThunderbird-translations-common-3.1.10-0.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"MozillaThunderbird-translations-other-3.1.10-0.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"enigmail-1.1.2-9.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MozillaThunderbird\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-19T15:10:04", "description": "Mozilla XULRunner 1.9.1 was updated to the 1.9.1.19 security release.\n\n - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Credits. (MFSA 2011-12)\n\n - Mozilla developer Scoobidiver reported a memory safety issue which affected Firefox 4 and Firefox 3.6 (CVE-2011-0081) The web development team of Alcidion reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0069)\n\n Ian Beer reported a crash that affected Firefox 4, Firefox 3.6 and Firefox 3.5. (CVE-2011-0070)\n\n Mozilla developers Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0080)\n\n Aki Helin reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0074 / CVE-2011-0075)\n\n Ian Beer reported memory safety issues which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0077 / CVE-2011-0078)\n\n Martin Barbella reported a memory safety issue which affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0072)\n\n - Security researcher regenrecht reported several dangling pointer vulnerabilities via TippingPoint's Zero Day Initiative. (MFSA 2011-13 / CVE-2011-0065 / CVE-2011-0066 / CVE-2011-0073)\n\n - Security researcher Paul Stone reported that a Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history. (MFSA 2011-14 / CVE-2011-0067)\n\n - Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system. (MFSA 2011-18 / CVE-2011-1202)", "cvss3": {"score": null, "vector": null}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : Mozilla-XULrunner (SAT Patch Number 4461)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0065", "CVE-2011-0066", "CVE-2011-0067", "CVE-2011-0069", "CVE-2011-0070", "CVE-2011-0072", "CVE-2011-0073", "CVE-2011-0074", "CVE-2011-0075", "CVE-2011-0077", "CVE-2011-0078", "CVE-2011-0080", "CVE-2011-0081", "CVE-2011-1202"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191", "p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-32bit", "p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-gnomevfs", "p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-gnomevfs-32bit", "p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-translations", "p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-translations-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_MOZILLA-XULRUNNER191-110429.NASL", "href": "https://www.tenable.com/plugins/nessus/53648", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53648);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-0065\", \"CVE-2011-0066\", \"CVE-2011-0067\", \"CVE-2011-0069\", \"CVE-2011-0070\", \"CVE-2011-0072\", \"CVE-2011-0073\", \"CVE-2011-0074\", \"CVE-2011-0075\", \"CVE-2011-0077\", \"CVE-2011-0078\", \"CVE-2011-0080\", \"CVE-2011-0081\", \"CVE-2011-1202\");\n\n script_name(english:\"SuSE 11.1 Security Update : Mozilla-XULrunner (SAT Patch Number 4461)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla XULRunner 1.9.1 was updated to the 1.9.1.19 security release.\n\n - Mozilla developers identified and fixed several memory\n safety bugs in the browser engine used in Firefox and\n other Mozilla-based products. Some of these bugs showed\n evidence of memory corruption under certain\n circumstances, and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code. Credits. (MFSA 2011-12)\n\n - Mozilla developer Scoobidiver reported a memory safety\n issue which affected Firefox 4 and Firefox 3.6\n (CVE-2011-0081) The web development team of Alcidion\n reported a crash that affected Firefox 4, Firefox 3.6\n and Firefox 3.5. (CVE-2011-0069)\n\n Ian Beer reported a crash that affected Firefox 4,\n Firefox 3.6 and Firefox 3.5. (CVE-2011-0070)\n\n Mozilla developers Bob Clary, Henri Sivonen, Marco\n Bonardo, Mats Palmgren and Jesse Ruderman reported\n memory safety issues which affected Firefox 3.6 and\n Firefox 3.5. (CVE-2011-0080)\n\n Aki Helin reported memory safety issues which affected\n Firefox 3.6 and Firefox 3.5. (CVE-2011-0074 /\n CVE-2011-0075)\n\n Ian Beer reported memory safety issues which affected\n Firefox 3.6 and Firefox 3.5. (CVE-2011-0077 /\n CVE-2011-0078)\n\n Martin Barbella reported a memory safety issue which\n affected Firefox 3.6 and Firefox 3.5. (CVE-2011-0072)\n\n - Security researcher regenrecht reported several dangling\n pointer vulnerabilities via TippingPoint's Zero Day\n Initiative. (MFSA 2011-13 / CVE-2011-0065 /\n CVE-2011-0066 / CVE-2011-0073)\n\n - Security researcher Paul Stone reported that a Java\n applet could be used to mimic interaction with form\n autocomplete controls and steal entries from the form\n history. (MFSA 2011-14 / CVE-2011-0067)\n\n - Chris Evans of the Chrome Security Team reported that\n the XSLT generate-id() function returned a string that\n revealed a specific valid address of an object on the\n memory heap. It is possible that in some cases this\n address would be valuable information that could be used\n by an attacker while exploiting a different memory\n corruption but, in order to make an exploit more\n reliable or work around mitigation features in the\n browser or operating system. (MFSA 2011-18 /\n CVE-2011-1202)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-13.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-14.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2011/mfsa2011-18.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=689281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0065.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0066.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0067.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0069.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0070.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0072.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0073.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0074.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0075.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0077.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0078.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0080.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0081.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1202.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4461.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Mozilla Firefox \"nsTreeRange\" Dangling Pointer Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-gnomevfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-gnomevfs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-xulrunner191-translations-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mozilla-xulrunner191-1.9.1.19-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mozilla-xulrunner191-gnomevfs-1.9.1.19-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"mozilla-xulrunner191-translations-1.9.1.19-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mozilla-xulrunner191-1.9.1.19-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mozilla-xulrunner191-32bit-1.9.1.19-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mozilla-xulrunner191-gnomevfs-1.9.1.19-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"mozilla-xulrunner191-gnomevfs-32bit-1.9.1.19-0.2.1\")) flag++;\nif (rpm