Lucene search
Copyright (C) 2015 Greenbone AGOPENVAS:1361412562310131115HistoryNov 08, 2015 - 12:00 a.m.
Mageia: Security Advisory (MGASA-2015-0427)
2015-11-0800:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
5
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.091 Low
EPSS
Percentile
94.6%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.131115");
script_cve_id("CVE-2015-4513", "CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183", "CVE-2015-7188", "CVE-2015-7189", "CVE-2015-7193", "CVE-2015-7194", "CVE-2015-7196", "CVE-2015-7197", "CVE-2015-7198");
script_tag(name:"creation_date", value:"2015-11-08 11:02:10 +0000 (Sun, 08 Nov 2015)");
script_version("2024-02-02T05:06:05+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:05 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2015-11-05 15:41:35 +0000 (Thu, 05 Nov 2015)");
script_name("Mageia: Security Advisory (MGASA-2015-0427)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2015 Greenbone AG");
script_family("Mageia Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA5");
script_xref(name:"Advisory-ID", value:"MGASA-2015-0427");
script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2015-0427.html");
script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=17079");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-122/");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-123/");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-127/");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-128/");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-130/");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-132/");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/");
script_xref(name:"URL", value:"https://rhn.redhat.com/errata/RHSA-2015-1981.html");
script_xref(name:"URL", value:"https://rhn.redhat.com/errata/RHSA-2015-1982.html");
script_tag(name:"summary", value:"The remote host is missing an update for the 'firefox, firefox-l10n, nspr, nss, rootcerts' package(s) announced via the MGASA-2015-0427 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2015-4513, CVE-2015-7189, CVE-2015-7194, CVE-2015-7196,
CVE-2015-7198, CVE-2015-7197)
A same-origin policy bypass flaw was found in the way Firefox handled
certain cross-origin resource sharing (CORS) requests. A web page
containing malicious content could cause Firefox to disclose sensitive
information. (CVE-2015-7193)
A same-origin policy bypass flaw was found in the way Firefox handled URLs
containing IP addresses with white-space characters. This could lead to
cross-site scripting attacks. (CVE-2015-7188)
A use-after-poison flaw and a heap-based buffer overflow flaw were found in
the way NSS parsed certain ASN.1 structures. An attacker could use these
flaws to cause NSS to crash or execute arbitrary code with the permissions
of the user running an application compiled against the NSS library.
(CVE-2015-7181, CVE-2015-7182)
A heap-based buffer overflow was found in NSPR. An attacker could use this
flaw to cause NSPR to crash or execute arbitrary code with the permissions
of the user running an application compiled against the NSPR library.
(CVE-2015-7183)
Note: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE,
PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuilt against the fixed
nspr packages to completely resolve the CVE-2015-7183 issue.");
script_tag(name:"affected", value:"'firefox, firefox-l10n, nspr, nss, rootcerts' package(s) on Mageia 5.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "MAGEIA5") {
if(!isnull(res = isrpmvuln(pkg:"firefox", rpm:"firefox~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-af", rpm:"firefox-af~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-an", rpm:"firefox-an~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ar", rpm:"firefox-ar~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-as", rpm:"firefox-as~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ast", rpm:"firefox-ast~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-az", rpm:"firefox-az~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-be", rpm:"firefox-be~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-bg", rpm:"firefox-bg~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-bn_BD", rpm:"firefox-bn_BD~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-bn_IN", rpm:"firefox-bn_IN~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-br", rpm:"firefox-br~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-bs", rpm:"firefox-bs~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ca", rpm:"firefox-ca~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-cs", rpm:"firefox-cs~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-cy", rpm:"firefox-cy~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-da", rpm:"firefox-da~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-de", rpm:"firefox-de~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-devel", rpm:"firefox-devel~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-el", rpm:"firefox-el~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-en_GB", rpm:"firefox-en_GB~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-en_US", rpm:"firefox-en_US~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-en_ZA", rpm:"firefox-en_ZA~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-eo", rpm:"firefox-eo~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-es_AR", rpm:"firefox-es_AR~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-es_CL", rpm:"firefox-es_CL~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-es_ES", rpm:"firefox-es_ES~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-es_MX", rpm:"firefox-es_MX~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-et", rpm:"firefox-et~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-eu", rpm:"firefox-eu~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-fa", rpm:"firefox-fa~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ff", rpm:"firefox-ff~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-fi", rpm:"firefox-fi~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-fr", rpm:"firefox-fr~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-fy_NL", rpm:"firefox-fy_NL~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ga_IE", rpm:"firefox-ga_IE~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-gd", rpm:"firefox-gd~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-gl", rpm:"firefox-gl~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-gu_IN", rpm:"firefox-gu_IN~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-he", rpm:"firefox-he~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-hi_IN", rpm:"firefox-hi_IN~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-hr", rpm:"firefox-hr~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-hsb", rpm:"firefox-hsb~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-hu", rpm:"firefox-hu~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-hy_AM", rpm:"firefox-hy_AM~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-id", rpm:"firefox-id~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-is", rpm:"firefox-is~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-it", rpm:"firefox-it~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ja", rpm:"firefox-ja~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-kk", rpm:"firefox-kk~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-km", rpm:"firefox-km~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-kn", rpm:"firefox-kn~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ko", rpm:"firefox-ko~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-l10n", rpm:"firefox-l10n~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-lij", rpm:"firefox-lij~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-lt", rpm:"firefox-lt~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-lv", rpm:"firefox-lv~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-mai", rpm:"firefox-mai~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-mk", rpm:"firefox-mk~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ml", rpm:"firefox-ml~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-mr", rpm:"firefox-mr~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ms", rpm:"firefox-ms~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-nb_NO", rpm:"firefox-nb_NO~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-nl", rpm:"firefox-nl~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-nn_NO", rpm:"firefox-nn_NO~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-or", rpm:"firefox-or~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-pa_IN", rpm:"firefox-pa_IN~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-pl", rpm:"firefox-pl~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-pt_BR", rpm:"firefox-pt_BR~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-pt_PT", rpm:"firefox-pt_PT~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ro", rpm:"firefox-ro~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ru", rpm:"firefox-ru~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-si", rpm:"firefox-si~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-sk", rpm:"firefox-sk~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-sl", rpm:"firefox-sl~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-sq", rpm:"firefox-sq~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-sr", rpm:"firefox-sr~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-sv_SE", rpm:"firefox-sv_SE~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-ta", rpm:"firefox-ta~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-te", rpm:"firefox-te~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-th", rpm:"firefox-th~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-tr", rpm:"firefox-tr~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-uk", rpm:"firefox-uk~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-uz", rpm:"firefox-uz~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-vi", rpm:"firefox-vi~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-xh", rpm:"firefox-xh~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-zh_CN", rpm:"firefox-zh_CN~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"firefox-zh_TW", rpm:"firefox-zh_TW~38.4.0~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64nspr-devel", rpm:"lib64nspr-devel~4.10.10~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64nspr4", rpm:"lib64nspr4~4.10.10~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64nss-devel", rpm:"lib64nss-devel~3.20.1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64nss-static-devel", rpm:"lib64nss-static-devel~3.20.1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64nss3", rpm:"lib64nss3~3.20.1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnspr-devel", rpm:"libnspr-devel~4.10.10~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnspr4", rpm:"libnspr4~4.10.10~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnss-devel", rpm:"libnss-devel~3.20.1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnss-static-devel", rpm:"libnss-static-devel~3.20.1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libnss3", rpm:"libnss3~3.20.1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"nspr", rpm:"nspr~4.10.10~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"nss", rpm:"nss~3.20.1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"nss-doc", rpm:"nss-doc~3.20.1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"rootcerts", rpm:"rootcerts~20151029.00~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"rootcerts-java", rpm:"rootcerts-java~20151029.00~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
References
advisories.mageia.org/MGASA-2015-0427.html
bugs.mageia.org/show_bug.cgi?id=17079
rhn.redhat.com/errata/RHSA-2015-1981.html
rhn.redhat.com/errata/RHSA-2015-1982.html
www.mozilla.org/en-US/security/advisories/mfsa2015-116/
www.mozilla.org/en-US/security/advisories/mfsa2015-122/
www.mozilla.org/en-US/security/advisories/mfsa2015-123/
www.mozilla.org/en-US/security/advisories/mfsa2015-127/
www.mozilla.org/en-US/security/advisories/mfsa2015-128/
www.mozilla.org/en-US/security/advisories/mfsa2015-130/
www.mozilla.org/en-US/security/advisories/mfsa2015-131/
www.mozilla.org/en-US/security/advisories/mfsa2015-132/
www.mozilla.org/en-US/security/advisories/mfsa2015-133/
www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
MGASA-2015-0427
Related
mageia
mageia
Updated firefox, nspr, nss packages fix security vulnerability
2015-11-04 21:03:05
Updated thunderbird packages fix security vulnerability
2015-11-28 02:11:20
Updated iceape packages fix security vulnerabilities
2015-11-17 00:36:58
openvas
openvas
CentOS Update for firefox CESA-2015:1982 centos6
2015-11-05 00:00:00
CentOS Update for firefox CESA-2015:1982 centos5
2015-11-05 00:00:00
CentOS Update for firefox CESA-2015:1982 centos7
2015-11-05 00:00:00
veracode
veracode
Authentication Bypass
2019-05-02 05:43:38
Privilege Escalation
2019-05-02 05:43:39
Authentication Bypass
2019-05-02 05:43:37
oraclelinux
oraclelinux
firefox security update
2015-11-04 00:00:00
thunderbird security update
2015-11-27 00:00:00
nss and nspr security update
2015-11-04 00:00:00
suse
suse
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2015-11-06 17:11:17
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2015-11-12 20:10:40
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2015-11-12 17:11:49
nessus
nessus
debian
debian
[SECURITY] [DSA 3393-1] iceweasel security update
2015-11-04 18:42:15
[SECURITY] [DSA 3410-1] icedove security update
2015-12-01 22:21:29
[SECURITY] [DLA 354-1] nss security update
2015-11-29 16:37:17
ubuntu
ubuntu
Thunderbird vulnerabilities
2015-12-01 00:00:00
Firefox vulnerabilities
2015-11-04 00:00:00
NSS vulnerabilities
2015-11-04 00:00:00
centos
centos
firefox security update
2015-11-04 15:58:03
thunderbird security update
2015-11-27 06:41:12
nspr, nss security update
2015-11-04 11:34:51
redhat
redhat
(RHSA-2015:1982) Critical: firefox security update
2015-11-04 00:00:00
(RHSA-2015:2519) Important: thunderbird security update
2015-11-26 00:00:00
(RHSA-2015:2068) Critical: nss, nss-util, and nspr security update
2015-11-18 00:00:00
archlinux
archlinux
firefox: multiple issues
2015-11-04 00:00:00
nss: arbitrary code execution
2015-11-06 00:00:00
nspr: arbitrary code execution
2015-11-06 00:00:00
ibm
ibm
Security Bulletin: IBM Security Access Manager for Mobile is affected by Network Security Services (NSS) vulnerabilities (CVE-2015-7181, CVE-2015-7182, CVE-2015-7183)
2018-06-16 21:38:59
f5
f5
slackware
slackware
[slackware-security] mozilla-nss
2015-11-06 17:08:58
mozilla
mozilla
NSS and NSPR memory corruption issues — Mozilla
2015-11-03 00:00:00
Mixed content WebSocket policy bypass through workers — Mozilla
2015-11-03 00:00:00
JavaScript garbage collection crash with Java applet — Mozilla
2015-11-03 00:00:00
amazon
amazon
Critical: nspr, nss-util, nss, jss
2015-11-05 01:58:00
kaspersky
kaspersky
KLA10689 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2015-11-03 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-11-03 00:00:00
symantec
symantec
SA119 : Multiple NSS Vulnerabilities
2016-03-22 08:00:00
osv
osv
nss - security update
2015-11-29 00:00:00
nspr - security update
2015-11-19 00:00:00
cve
cve
prion
prion
Buffer overflow
2015-11-05 05:59:00
Cross site scripting
2015-11-05 05:59:00
Code injection
2015-11-05 05:59:00
ubuntucve
ubuntucve
debiancve
debiancve
CVE-2015-7181
2015-11-05 05:59:00
CVE-2015-7183
2015-11-05 05:59:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.091 Low
EPSS
Percentile
94.6%
Related for OPENVAS:1361412562310131115