The remote host is missing an update to xulrunner
announced via advisory DSA 1885-1.
# OpenVAS Vulnerability Test
# $Id: deb_1885_1.nasl 9350 2018-04-06 07:03:33Z cfischer $
# Description: Auto-generated from advisory DSA 1885-1 (xulrunner)
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications, such as the Iceweasel web
browser. The Common Vulnerabilities and Exposures project identifies
the following problems:
CVE-2009-3070
Jesse Ruderman discovered crashes in the layout engine, which
might allow the execution of arbitrary code.
CVE-2009-3071
Daniel Holbert, Jesse Ruderman, Olli Pettay and toshi discovered
crashes in the layout engine, which might allow the execution of
arbitrary code.
CVE-2009-3072
Josh Soref, Jesse Ruderman and Martin Wargers discovered crashes
in the layout engine, which might allow the execution of arbitrary
code.
CVE-2009-3074
Jesse Ruderman discovered a crash in the Javascript engine, which
might allow the execution of arbitrary code.
CVE-2009-3075
Carsten Book and Taral discovered crashes in the layout engine,
which might allow the execution of arbitrary code.
CVE-2009-3076
Jesse Ruderman discovered that the user interface for installing/
removing PCKS #11 securiy modules wasn't informative enough, which
might allow social engineering attacks.
CVE-2009-3077
It was discovered that incorrect pointer handling in the XUL parser
could lead to the execution of arbitrary code.
CVE-2009-3078
Juan Pablo Lopez Yacubian discovered that incorrent rendering of
some Unicode font characters could lead to spoofing attacks on
the location bar.
For the stable distribution (lenny), these problems have been fixed
in version 1.9.0.14-0lenny1.
As indicated in the Etch release notes, security support for the
Mozilla products in the oldstable distribution needed to be stopped
before the end of the regular Etch security maintenance life cycle.
You are strongly encouraged to upgrade to stable or switch to a still
supported browser.
For the unstable distribution (sid), these problems have been fixed in
version 1.9.0.14-1.
For the experimental distribution, these problems have been fixed in
version 1.9.1.3-1.
We recommend that you upgrade your xulrunner package.";
tag_summary = "The remote host is missing an update to xulrunner
announced via advisory DSA 1885-1.";
tag_solution = "https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201885-1";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.64870");
script_version("$Revision: 9350 $");
script_tag(name:"last_modification", value:"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $");
script_tag(name:"creation_date", value:"2009-09-15 22:46:32 +0200 (Tue, 15 Sep 2009)");
script_cve_id("CVE-2009-3070", "CVE-2009-3071", "CVE-2009-3072", "CVE-2009-3074", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077", "CVE-2009-3078");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Debian Security Advisory DSA 1885-1 (xulrunner)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages");
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-deb.inc");
res = "";
report = "";
if ((res = isdpkgvuln(pkg:"libmozillainterfaces-java", ver:"1.9.0.14-0lenny1", rls:"DEB5.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"xulrunner-dev", ver:"1.9.0.14-0lenny1", rls:"DEB5.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"xulrunner-1.9-gnome-support", ver:"1.9.0.14-0lenny1", rls:"DEB5.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"xulrunner-1.9-dbg", ver:"1.9.0.14-0lenny1", rls:"DEB5.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"spidermonkey-bin", ver:"1.9.0.14-0lenny1", rls:"DEB5.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"python-xpcom", ver:"1.9.0.14-0lenny1", rls:"DEB5.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"xulrunner-1.9", ver:"1.9.0.14-0lenny1", rls:"DEB5.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libmozjs1d", ver:"1.9.0.14-0lenny1", rls:"DEB5.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libmozjs-dev", ver:"1.9.0.14-0lenny1", rls:"DEB5.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libmozjs1d-dbg", ver:"1.9.0.14-0lenny1", rls:"DEB5.0")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}