ID OPENVAS:136141256231066263 Type openvas Reporter Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com Modified 2018-04-06T00:00:00
Description
The remote host is missing an update to qt
announced via advisory FEDORA-2009-11487.
# OpenVAS Vulnerability Test
# $Id: fcore_2009_11487.nasl 9350 2018-04-06 07:03:33Z cfischer $
# Description: Auto-generated from advisory FEDORA-2009-11487 (qt)
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "Update Information:
A security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)
implementation. Multiple security flaws (integer underflow, invalid pointer
dereference, buffer underflow and a denial of service) were found in the way
WebKit's FTP parser used to process remote FTP directory listings.
ChangeLog:
* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9
- CVE-2009-3384 - WebKit, ftp listing handling (#525788)
- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)
* Sun Nov 8 2009 Rex Dieter - 4.5.3-8
- -x11: Requires: %{name}-sqlite(ppc-32)";
tag_solution = "Apply the appropriate updates.
This update can be installed with the yum update program. Use
su -c 'yum update qt' at the command line.
For more information, refer to Managing Software with yum,
available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11487";
tag_summary = "The remote host is missing an update to qt
announced via advisory FEDORA-2009-11487.";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.66263");
script_version("$Revision: 9350 $");
script_tag(name:"last_modification", value:"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $");
script_tag(name:"creation_date", value:"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)");
script_cve_id("CVE-2009-3384", "CVE-2009-2816");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_name("Fedora Core 12 FEDORA-2009-11487 (qt)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name : "URL" , value : "https://bugzilla.redhat.com/show_bug.cgi?id=525788");
script_xref(name : "URL" , value : "https://bugzilla.redhat.com/show_bug.cgi?id=525789");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-rpm.inc");
res = "";
report = "";
if ((res = isrpmvuln(pkg:"qt", rpm:"qt~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"qt-demos", rpm:"qt-demos~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"qt-devel", rpm:"qt-devel~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"qt-examples", rpm:"qt-examples~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"qt-mysql", rpm:"qt-mysql~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"qt-odbc", rpm:"qt-odbc~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"qt-postgresql", rpm:"qt-postgresql~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"qt-sqlite", rpm:"qt-sqlite~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"qt-x11", rpm:"qt-x11~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"qt-debuginfo", rpm:"qt-debuginfo~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"qt-doc", rpm:"qt-doc~4.5.3~9.fc12", rls:"FC12")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:136141256231066263", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 12 FEDORA-2009-11487 (qt)", "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11487.", "published": "2009-11-17T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 9.3}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066263", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=525789", "https://bugzilla.redhat.com/show_bug.cgi?id=525788"], "cvelist": ["CVE-2009-2816", "CVE-2009-3384"], "lastseen": "2018-04-06T11:38:49", "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2018-04-06T11:38:49", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-3384", "CVE-2009-2816"]}, {"type": "openvas", "idList": ["OPENVAS:66267", "OPENVAS:66264", "OPENVAS:900889", "OPENVAS:136141256231066267", "OPENVAS:66263", "OPENVAS:136141256231066264", "OPENVAS:1361412562310900889", "OPENVAS:1361412562310122424"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2010-0153.NASL", "FEDORA_2009-11487.NASL", "ORACLELINUX_ELSA-2009-1531.NASL", "MACOSX_SAFARI4_0_4.NASL", "REDHAT-RHSA-2009-1531.NASL", "FEDORA_2009-11488.NASL", "SAFARI_4_0_4.NASL", "GOOGLE_CHROME_3_0_195_33.NASL", "CENTOS_RHSA-2009-1531.NASL", "FEDORA_2009-11491.NASL"]}, {"type": "seebug", "idList": ["SSV:12637", "SSV:12644", "SSV:12627"]}, {"type": "threatpost", "idList": ["THREATPOST:87A00B01F9F51647FA037F1CED7DA5EF", "THREATPOST:213B2F3A19EB934CE4579B8DDEAC6AB4"]}, {"type": "redhat", "idList": ["RHSA-2010:0154", "RHSA-2009:1531", "RHSA-2010:0153", "RHSA-2009:1530"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1530", "ELSA-2010-0154", "ELSA-2009-1531"]}, {"type": "centos", "idList": ["CESA-2009:1531", "CESA-2010:0154", "CESA-2010:0153", "CESA-2009:1530"]}], "modified": "2018-04-06T11:38:49", "rev": 2}, "vulnersScore": 7.5}, "pluginID": "136141256231066263", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11487.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11487 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nA security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)\nimplementation. Multiple security flaws (integer underflow, invalid pointer\ndereference, buffer underflow and a denial of service) were found in the way\nWebKit's FTP parser used to process remote FTP directory listings.\n\nChangeLog:\n\n* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9\n- CVE-2009-3384 - WebKit, ftp listing handling (#525788)\n- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)\n* Sun Nov 8 2009 Rex Dieter - 4.5.3-8\n- -x11: Requires: %{name}-sqlite(ppc-32)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11487\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11487.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66263\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3384\", \"CVE-2009-2816\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 12 FEDORA-2009-11487 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525788\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525789\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sqlite\", rpm:\"qt-sqlite~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:40:05", "description": "Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing in a reply.", "edition": 6, "cvss3": {}, "published": "2009-11-13T15:30:00", "title": "CVE-2009-3384", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3384"], "modified": "2017-09-19T01:29:00", "cpe": ["cpe:/a:apple:safari:3.0.2", "cpe:/a:apple:safari:3.2.1", "cpe:/a:apple:safari:2.0", "cpe:/a:apple:safari:3.0.3", "cpe:/a:apple:safari:1.3", "cpe:/a:apple:safari:3", "cpe:/a:apple:safari:3.0.3b", "cpe:/a:apple:safari:1.0.3", "cpe:/a:apple:safari:1.0.0b2", "cpe:/a:apple:safari:1.2.1", "cpe:/a:apple:safari:3.1.0", "cpe:/a:apple:safari:3.2.3", "cpe:/a:apple:safari:4.0.1", "cpe:/a:apple:safari:3.0.1", "cpe:/a:apple:safari:2.0.4_419.3", "cpe:/a:apple:safari:1.2.2", "cpe:/a:apple:safari:2.0.3_417.9.3", "cpe:/a:apple:safari:0.9", "cpe:/a:apple:safari:2.0.4", "cpe:/a:apple:safari:3.2.0", "cpe:/a:apple:safari:1.1.0", "cpe:/a:apple:safari:1.2", "cpe:/a:apple:safari:3.2", "cpe:/a:apple:safari:4.0.2", "cpe:/a:apple:safari:2.0_pre", "cpe:/a:apple:safari:1.1.1", "cpe:/a:apple:safari:1.2.5", "cpe:/a:apple:safari:0.8", "cpe:/a:apple:safari:1.0.0", "cpe:/a:apple:safari:2", "cpe:/a:apple:safari:1.2.0", "cpe:/a:apple:safari:4.0", "cpe:/a:apple:safari:1.2.4", "cpe:/a:apple:safari:3.0.0", "cpe:/a:apple:safari:1.3.2", "cpe:/a:apple:safari:3.1.1", "cpe:/a:apple:safari:1.0", "cpe:/a:apple:safari:1.0.2", "cpe:/a:apple:safari:2.0.3", "cpe:/a:apple:safari:1.3.0", "cpe:/a:apple:safari:3.0.4b", "cpe:/a:apple:safari:3.0.0b", "cpe:/a:apple:safari:4.0.3", "cpe:/a:apple:safari:3.0.4_beta", "cpe:/a:apple:safari:1.0.0b1", "cpe:/a:apple:safari:3.0.1b", "cpe:/a:apple:safari:1.3.1", "cpe:/a:apple:safari:3.0.2b", "cpe:/a:apple:safari:3.0", "cpe:/a:apple:safari:3.1.2", "cpe:/a:apple:safari:3.1.0b", "cpe:/a:apple:safari:1.0.1", "cpe:/a:apple:safari:3.1", "cpe:/a:apple:safari:2.0.0", "cpe:/a:apple:safari:2.0.2", "cpe:/a:apple:safari:4.0.0b", "cpe:/a:apple:safari:1.2.3", "cpe:/a:apple:safari:3.2.2", "cpe:/a:apple:safari:3.0.4", "cpe:/a:apple:safari:2.0.1"], "id": "CVE-2009-3384", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3384", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0_pre:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3_417.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.4_419.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4_beta:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1:beta:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0:beta:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:40:04", "description": "The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web page.", "edition": 6, "cvss3": {}, "published": "2009-11-13T15:30:00", "title": "CVE-2009-2816", "type": "cve", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2816"], "modified": "2017-09-19T01:29:00", "cpe": ["cpe:/a:apple:safari:3.0.2", "cpe:/a:google:chrome:2.0.172.27", "cpe:/a:google:chrome:1.0.154.43", "cpe:/a:google:chrome:1.0.154.59", "cpe:/a:apple:safari:3.2.1", "cpe:/a:apple:safari:2.0", "cpe:/a:apple:safari:3.0.3", "cpe:/a:apple:safari:1.3", "cpe:/a:apple:safari:3", "cpe:/a:google:chrome:3.0.190.2", "cpe:/a:google:chrome:1.0.154.42", "cpe:/a:google:chrome:3.0.182.2", "cpe:/a:apple:safari:3.0.3b", "cpe:/a:google:chrome:0.3.154.3", "cpe:/a:google:chrome:2.0.169.0", "cpe:/a:google:chrome:0.4.154.18", "cpe:/a:google:chrome:0.2.149.30", "cpe:/a:google:chrome:2.0.172", "cpe:/a:apple:safari:1.0.3", "cpe:/a:apple:safari:1.0.0b2", "cpe:/a:apple:safari:1.2.1", "cpe:/a:google:chrome:2.0.157.0", "cpe:/a:google:chrome:2.0.157.2", "cpe:/a:google:chrome:2.0.172.30", "cpe:/a:google:chrome:2.0.169.1", "cpe:/a:apple:safari:3.1.0", "cpe:/a:apple:safari:3.2.3", "cpe:/a:google:chrome:0.4.154.22", "cpe:/a:google:chrome:0.2.153.1", "cpe:/a:google:chrome:3.0.195.21", "cpe:/a:apple:safari:4.0.1", "cpe:/a:apple:safari:3.0.1", "cpe:/a:apple:safari:2.0.4_419.3", "cpe:/a:apple:safari:1.2.2", "cpe:/a:apple:safari:2.0.3_417.9.3", "cpe:/a:apple:safari:0.9", "cpe:/a:apple:safari:2.0.4", "cpe:/a:apple:safari:3.2.0", "cpe:/a:apple:safari:1.1.0", "cpe:/a:google:chrome:1.0.154.48", "cpe:/a:google:chrome:2.0.170.0", "cpe:/a:apple:safari:1.2", "cpe:/a:apple:safari:3.2", "cpe:/a:apple:safari:4.0.2", "cpe:/a:apple:safari:2.0_pre", "cpe:/a:google:chrome:2.0.172.2", "cpe:/a:apple:safari:1.1.1", "cpe:/a:google:chrome:1.0.154.65", "cpe:/a:google:chrome:2.0.159.0", "cpe:/a:google:chrome:1.0.154.36", "cpe:/a:google:chrome:0.3.154.0", "cpe:/a:google:chrome:2.0.172.38", "cpe:/a:apple:safari:1.2.5", "cpe:/a:apple:safari:0.8", "cpe:/a:apple:safari:1.0.0", "cpe:/a:apple:safari:2", "cpe:/a:apple:safari:1.2.0", "cpe:/a:google:chrome:1.0.154.46", "cpe:/a:google:chrome:0.2.152.1", "cpe:/a:apple:safari:4.0", "cpe:/a:google:chrome:2.0.172.8", "cpe:/a:apple:safari:1.2.4", "cpe:/a:apple:safari:3.0.0", "cpe:/a:google:chrome:1.0.154.39", "cpe:/a:apple:safari:1.3.2", "cpe:/a:google:chrome:1.0.154.53", "cpe:/a:apple:safari:3.1.1", "cpe:/a:apple:safari:1.0", "cpe:/a:google:chrome:2.0.156.1", "cpe:/a:apple:safari:1.0.2", "cpe:/a:apple:safari:2.0.3", "cpe:/a:apple:safari:1.3.0", "cpe:/a:google:chrome:0.2.149.27", "cpe:/a:apple:safari:3.0.4b", "cpe:/a:apple:safari:3.0.0b", "cpe:/a:apple:safari:4.0.3", "cpe:/a:apple:safari:3.0.4_beta", "cpe:/a:apple:safari:1.0.0b1", "cpe:/a:apple:safari:3.0.1b", "cpe:/a:google:chrome:2.0.172.37", "cpe:/a:google:chrome:1.0.154.52", "cpe:/a:apple:safari:1.3.1", "cpe:/a:google:chrome:3.0.193.2", "cpe:/a:google:chrome:0.2.149.29", "cpe:/a:google:chrome:2.0.172.33", "cpe:/a:apple:safari:3.0.2b", "cpe:/a:google:chrome:2.0.172.28", "cpe:/a:google:chrome:0.4.154.33", "cpe:/a:google:chrome:2.0.172.31", "cpe:/a:apple:safari:3.0", "cpe:/a:apple:safari:3.1.2", "cpe:/a:google:chrome:2.0.158.0", "cpe:/a:google:chrome:0.4.154.31", "cpe:/a:apple:safari:3.1.0b", "cpe:/a:apple:safari:1.0.1", "cpe:/a:apple:safari:3.1", "cpe:/a:apple:safari:2.0.0", "cpe:/a:apple:safari:2.0.2", "cpe:/a:apple:safari:4.0.0b", "cpe:/a:apple:safari:1.2.3", "cpe:/a:apple:safari:3.2.2", "cpe:/a:apple:safari:3.0.4", "cpe:/a:apple:safari:2.0.1"], "id": "CVE-2009-2816", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2816", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0_pre:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.3b:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3_417.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.4_419.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4_beta:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9.3:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:0.9:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:1.0.154.52:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1:beta:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9.2:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.2b:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.172:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:0.8:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0:beta:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:3.0.190.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.0.4b:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.9:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:1.0.154.48:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.172.31:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2.0.3:417.8:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:2:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*", "cpe:2.3:a:apple:safari:3.1.0b:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-25T10:56:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2816", "CVE-2009-3384"], "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11487.", "modified": "2017-07-10T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:66263", "href": "http://plugins.openvas.org/nasl.php?oid=66263", "type": "openvas", "title": "Fedora Core 12 FEDORA-2009-11487 (qt)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11487.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11487 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nA security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)\nimplementation. Multiple security flaws (integer underflow, invalid pointer\ndereference, buffer underflow and a denial of service) were found in the way\nWebKit's FTP parser used to process remote FTP directory listings.\n\nChangeLog:\n\n* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9\n- CVE-2009-3384 - WebKit, ftp listing handling (#525788)\n- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)\n* Sun Nov 8 2009 Rex Dieter - 4.5.3-8\n- -x11: Requires: %{name}-sqlite(ppc-32)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11487\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11487.\";\n\n\n\nif(description)\n{\n script_id(66263);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3384\", \"CVE-2009-2816\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 12 FEDORA-2009-11487 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525788\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525789\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sqlite\", rpm:\"qt-sqlite~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.3~9.fc12\", rls:\"FC12\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-03T21:01:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2842", "CVE-2009-2816", "CVE-2009-3384"], "description": "This host has Apple Safari installed and is prone to multiple\n vulnerabilities.", "modified": "2020-02-28T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:1361412562310900889", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900889", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities - Nov09", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Multiple Vulnerabilities - Nov09\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900889\");\n script_version(\"2020-02-28T13:41:47+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-28 13:41:47 +0000 (Fri, 28 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 15:16:05 +0100 (Tue, 17 Nov 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-2816\", \"CVE-2009-2842\", \"CVE-2009-3384\");\n script_bugtraq_id(36997, 36994, 36995);\n script_name(\"Apple Safari Multiple Vulnerabilities - Nov09\");\n\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_safari_detect_win_900003.nasl\");\n script_mandatory_keys(\"AppleSafari/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to bypass certain security\n restrictions, disclose sensitive information, or compromise a user's system.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari version prior to 4.0.4.\");\n\n script_tag(name:\"insight\", value:\"- An error exists in WebKit when sending 'preflight' requests originating\n from a page in a different origin. This can be exploited to facilitate\n cross-site request forgery attacks by injecting custom HTTP headers.\n\n - An error exists when handling an 'Open Image in New Tab', 'Open Image in'\n 'New Window', or 'Open Link in New Tab' shortcut menu action performed on\n a link to a local file. This can be exploited to load a local HTML file\n and disclose sensitive information by tricking a user into performing the\n affected actions within a specially crafted webpage.\n\n - Multiple errors in WebKit when handling FTP directory listings can be\n exploited to disclose sensitive information.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Safari version 4.0.4 or latest version.\");\n\n script_tag(name:\"summary\", value:\"This host has Apple Safari installed and is prone to multiple\n vulnerabilities.\");\n\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT3949\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/37346\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_is_less(version:vers, test_version:\"5.31.21.11\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"Safari 4.0.4 (5.31.21.11)\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:13:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2842", "CVE-2009-2816", "CVE-2009-3384"], "description": "This host has Apple Safari installed and is prone to multiple\n vulnerabilities.", "modified": "2017-01-20T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:900889", "href": "http://plugins.openvas.org/nasl.php?oid=900889", "type": "openvas", "title": "Apple Safari Multiple Vulnerabilities - Nov09", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_apple_safari_mult_vuln_nov09.nasl 5055 2017-01-20 14:08:39Z teissa $\n#\n# Apple Safari Multiple Vulnerabilities - Nov09\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to bypass certain security\n restrictions, disclose sensitive information, or compromise a user's system.\n Impact Level: Application\";\ntag_affected = \"Apple Safari version prior to 4.0.4\";\ntag_insight = \"- An error exists in WebKit when sending 'preflight' requests originating\n from a page in a different origin. This can be exploited to facilitate\n cross-site request forgery attacks by injecting custom HTTP headers.\n - An error exists when handling an 'Open Image in New Tab', 'Open Image in'\n 'New Window', or 'Open Link in New Tab' shortcut menu action performed on\n a link to a local file. This can be exploited to load a local HTML file\n and disclose sensitive information by tricking a user into performing the\n affected actions within a specially crafted webpage.\n - Multiple errors in WebKit when handling FTP directory listings can be\n exploited to disclose sensitive information.\";\ntag_solution = \"Upgrade to Safari version 4.0.4 or latest version.\n http://www.apple.com/safari/download/\";\ntag_summary = \"This host has Apple Safari installed and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(900889);\n script_version(\"$Revision: 5055 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-20 15:08:39 +0100 (Fri, 20 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 15:16:05 +0100 (Tue, 17 Nov 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-2816\", \"CVE-2009-2842\", \"CVE-2009-3384\");\n script_bugtraq_id(36997, 36994, 36995);\n script_name(\"Apple Safari Multiple Vulnerabilities - Nov09\");\n\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_safari_detect_win_900003.nasl\");\n script_require_keys(\"AppleSafari/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT3949\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/37346\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nsafariVer = get_kb_item(\"AppleSafari/Version\");\nif(!safariVer){\n exit(0);\n}\n\n# Check for Safari version < 4.0.4 (5.31.21.10)\nif(version_is_less(version:safariVer, test_version:\"5.31.21.11\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11488.", "modified": "2017-07-10T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:66264", "href": "http://plugins.openvas.org/nasl.php?oid=66264", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-11488 (qt)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11488.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11488 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nA security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)\nimplementation. Multiple security flaws (integer underflow, invalid pointer\ndereference, buffer underflow and a denial of service) were found in the way\nWebKit's FTP parser used to process remote FTP directory listings.\nChangeLog:\n\n* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9\n- CVE-2009-3384 - WebKit, ftp listing handling (#525788)\n- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)\n* Sun Nov 8 2009 Rex Dieter - 4.5.3-8\n- -x11: Requires: %{name}-sqlite(ppc-32)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11488\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11488.\";\n\n\n\nif(description)\n{\n script_id(66264);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3384\", \"CVE-2009-2816\", \"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-11488 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525788\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525789\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sqlite\", rpm:\"qt-sqlite~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11491.", "modified": "2017-07-10T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:66267", "href": "http://plugins.openvas.org/nasl.php?oid=66267", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-11491 (qt)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11491.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11491 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nA security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)\nimplementation. Multiple security flaws (integer underflow, invalid pointer\ndereference, buffer underflow and a denial of service) were found in the way\nWebKit's FTP parser used to process remote FTP directory listings.\nChangeLog:\n\n* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9\n- CVE-2009-3384 - WebKit, ftp listing handling (#525788)\n- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)\n* Sun Nov 8 2009 Rex Dieter - 4.5.3-8\n- -x11: Requires: %{name}-sqlite(ppc-32)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11491\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11491.\";\n\n\n\nif(description)\n{\n script_id(66267);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3384\", \"CVE-2009-2816\", \"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-11491 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525788\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525789\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sqlite\", rpm:\"qt-sqlite~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11491.", "modified": "2018-04-06T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:136141256231066267", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066267", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-11491 (qt)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11491.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11491 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nA security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)\nimplementation. Multiple security flaws (integer underflow, invalid pointer\ndereference, buffer underflow and a denial of service) were found in the way\nWebKit's FTP parser used to process remote FTP directory listings.\nChangeLog:\n\n* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9\n- CVE-2009-3384 - WebKit, ftp listing handling (#525788)\n- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)\n* Sun Nov 8 2009 Rex Dieter - 4.5.3-8\n- -x11: Requires: %{name}-sqlite(ppc-32)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11491\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11491.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66267\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3384\", \"CVE-2009-2816\", \"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-11491 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525788\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525789\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sqlite\", rpm:\"qt-sqlite~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.3~9.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "description": "The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11488.", "modified": "2018-04-06T00:00:00", "published": "2009-11-17T00:00:00", "id": "OPENVAS:136141256231066264", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066264", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-11488 (qt)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_11488.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-11488 (qt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nA security flaw was found in the WebKit's Cross-Origin Resource Sharing (CORS)\nimplementation. Multiple security flaws (integer underflow, invalid pointer\ndereference, buffer underflow and a denial of service) were found in the way\nWebKit's FTP parser used to process remote FTP directory listings.\nChangeLog:\n\n* Thu Nov 12 2009 Jaroslav Reznik - 4.5.3-9\n- CVE-2009-3384 - WebKit, ftp listing handling (#525788)\n- CVE-2009-2816 - WebKit, MITM Cross-Origin Resource Sharing (#525789)\n* Sun Nov 8 2009 Rex Dieter - 4.5.3-8\n- -x11: Requires: %{name}-sqlite(ppc-32)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update qt' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11488\";\ntag_summary = \"The remote host is missing an update to qt\nannounced via advisory FEDORA-2009-11488.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66264\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-17 21:42:12 +0100 (Tue, 17 Nov 2009)\");\n script_cve_id(\"CVE-2009-3384\", \"CVE-2009-2816\", \"CVE-2009-2700\", \"CVE-2009-1725\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-11488 (qt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525788\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=525789\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"qt\", rpm:\"qt~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-demos\", rpm:\"qt-demos~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-devel\", rpm:\"qt-devel~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-examples\", rpm:\"qt-examples~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-mysql\", rpm:\"qt-mysql~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-odbc\", rpm:\"qt-odbc~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-postgresql\", rpm:\"qt-postgresql~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-sqlite\", rpm:\"qt-sqlite~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-x11\", rpm:\"qt-x11~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-debuginfo\", rpm:\"qt-debuginfo~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"qt-doc\", rpm:\"qt-doc~4.5.3~9.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1563", "CVE-2009-3376", "CVE-2009-3274", "CVE-2009-3380", "CVE-2009-3373", "CVE-2009-3372", "CVE-2009-3375", "CVE-2009-3374", "CVE-2009-3384", "CVE-2009-3382", "CVE-2009-3370"], "description": "Oracle Linux Local Security Checks ELSA-2009-1530", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122424", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122424", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-1530", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-1530.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122424\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:45:06 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1530\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1530 - firefox security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1530\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1530.html\");\n script_cve_id(\"CVE-2009-1563\", \"CVE-2009-3274\", \"CVE-2009-3370\", \"CVE-2009-3372\", \"CVE-2009-3373\", \"CVE-2009-3374\", \"CVE-2009-3375\", \"CVE-2009-3376\", \"CVE-2009-3380\", \"CVE-2009-3382\", \"CVE-2009-3384\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.0.15~3.0.1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.7.6~1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"nspr-devel\", rpm:\"nspr-devel~4.7.6~1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.0.15~3.0.1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.0.15~3.0.1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel-unstable\", rpm:\"xulrunner-devel-unstable~1.9.0.15~3.0.1.el5_4\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-12T10:06:57", "description": "A security flaw was found in the WebKit's Cross-Origin Resource\nSharing (CORS) implementation. Multiple security flaws (integer\nunderflow, invalid pointer dereference, buffer underflow and a denial\nof service) were found in the way WebKit's FTP parser used to process\nremote FTP directory listings.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-11-16T00:00:00", "title": "Fedora 12 : qt-4.5.3-9.fc12 (2009-11487)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2816", "CVE-2009-3384"], "modified": "2009-11-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:qt", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2009-11487.NASL", "href": "https://www.tenable.com/plugins/nessus/42803", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-11487.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42803);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2816\", \"CVE-2009-3384\");\n script_bugtraq_id(36997);\n script_xref(name:\"FEDORA\", value:\"2009-11487\");\n\n script_name(english:\"Fedora 12 : qt-4.5.3-9.fc12 (2009-11487)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was found in the WebKit's Cross-Origin Resource\nSharing (CORS) implementation. Multiple security flaws (integer\nunderflow, invalid pointer dereference, buffer underflow and a denial\nof service) were found in the way WebKit's FTP parser used to process\nremote FTP directory listings.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=525788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=525789\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/031041.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ff6cdfb8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"qt-4.5.3-9.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:06:57", "description": "A security flaw was found in the WebKit's Cross-Origin Resource\nSharing (CORS) implementation. Multiple security flaws (integer\nunderflow, invalid pointer dereference, buffer underflow and a denial\nof service) were found in the way WebKit's FTP parser used to process\nremote FTP directory listings.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2009-11-16T00:00:00", "title": "Fedora 10 : qt-4.5.3-9.fc10 (2009-11488)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2816", "CVE-2009-3384"], "modified": "2009-11-16T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:qt"], "id": "FEDORA_2009-11488.NASL", "href": "https://www.tenable.com/plugins/nessus/42804", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-11488.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42804);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2816\", \"CVE-2009-3384\");\n script_xref(name:\"FEDORA\", value:\"2009-11488\");\n\n script_name(english:\"Fedora 10 : qt-4.5.3-9.fc10 (2009-11488)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was found in the WebKit's Cross-Origin Resource\nSharing (CORS) implementation. Multiple security flaws (integer\nunderflow, invalid pointer dereference, buffer underflow and a denial\nof service) were found in the way WebKit's FTP parser used to process\nremote FTP directory listings.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=525788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=525789\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/031042.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?347200e0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"qt-4.5.3-9.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:06:58", "description": "A security flaw was found in the WebKit's Cross-Origin Resource\nSharing (CORS) implementation. Multiple security flaws (integer\nunderflow, invalid pointer dereference, buffer underflow and a denial\nof service) were found in the way WebKit's FTP parser used to process\nremote FTP directory listings.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2009-11-16T00:00:00", "title": "Fedora 11 : qt-4.5.3-9.fc11 (2009-11491)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2816", "CVE-2009-3384"], "modified": "2009-11-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:qt", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-11491.NASL", "href": "https://www.tenable.com/plugins/nessus/42807", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-11491.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42807);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2816\", \"CVE-2009-3384\");\n script_xref(name:\"FEDORA\", value:\"2009-11491\");\n\n script_name(english:\"Fedora 11 : qt-4.5.3-9.fc11 (2009-11491)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was found in the WebKit's Cross-Origin Resource\nSharing (CORS) implementation. Multiple security flaws (integer\nunderflow, invalid pointer dereference, buffer underflow and a denial\nof service) were found in the way WebKit's FTP parser used to process\nremote FTP directory listings.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=525788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=525789\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-November/031045.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?37487fe9\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qt package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"qt-4.5.3-9.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qt\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T06:03:37", "description": "The version of Safari installed on the remote Windows host is earlier\nthan 4.0.4. Such versions are potentially affected by several \nissues :\n\n - An integer overflow in the handling of images with an\n embedded color profile could lead to a crash or \n arbitrary code execution. (CVE-2009-2804)\n\n - Multiple use-after-free issues exist in libxml2, the\n most serious of which could lead to a program crash.\n (CVE-2009-2414, CVE-2009-2416)\n\n - An issue in the handling of navigations initiated via \n the 'Open Image in New Tab', 'Open Image in New Window'\n or 'Open Link in New Tab' shortcut menu options could\n be exploited to load a local HTML file, leading to\n disclosure of sensitive information. (CVE-2009-2842)\n\n - An issue involving WebKit's inclusion of custom HTTP\n headers specified by a requesting page in preflight\n requests in support of Cross-Origin Resource Sharing\n can facilitate cross-site request forgery attacks. \n (CVE-2009-2816)\n\n - Multiple issues in WebKit's handling of FTP directory \n listings may lead to information disclosure, unexpected\n application termination, or execution of arbitrary \n code. (CVE-2009-3384)", "edition": 27, "published": "2009-11-12T00:00:00", "title": "Safari < 4.0.4 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2804", "CVE-2009-2414", "CVE-2009-2416", "CVE-2009-2842", "CVE-2009-2816", "CVE-2009-3384"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "SAFARI_4_0_4.NASL", "href": "https://www.tenable.com/plugins/nessus/42478", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(42478);\n script_version(\"1.16\");\n\n script_cve_id(\n \"CVE-2009-2804\",\n \"CVE-2009-2414\",\n \"CVE-2009-2416\",\n \"CVE-2009-2816\",\n \"CVE-2009-2842\",\n \"CVE-2009-3384\"\n );\n script_bugtraq_id(36357, 36994, 36995, 36997);\n\n script_name(english:\"Safari < 4.0.4 Multiple Vulnerabilities\");\n script_summary(english:\"Checks Safari's version number\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains a web browser that is affected by several\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The version of Safari installed on the remote Windows host is earlier\nthan 4.0.4. Such versions are potentially affected by several \nissues :\n\n - An integer overflow in the handling of images with an\n embedded color profile could lead to a crash or \n arbitrary code execution. (CVE-2009-2804)\n\n - Multiple use-after-free issues exist in libxml2, the\n most serious of which could lead to a program crash.\n (CVE-2009-2414, CVE-2009-2416)\n\n - An issue in the handling of navigations initiated via \n the 'Open Image in New Tab', 'Open Image in New Window'\n or 'Open Link in New Tab' shortcut menu options could\n be exploited to load a local HTML file, leading to\n disclosure of sensitive information. (CVE-2009-2842)\n\n - An issue involving WebKit's inclusion of custom HTTP\n headers specified by a requesting page in preflight\n requests in support of Cross-Origin Resource Sharing\n can facilitate cross-site request forgery attacks. \n (CVE-2009-2816)\n\n - Multiple issues in WebKit's handling of FTP directory \n listings may lead to information disclosure, unexpected\n application termination, or execution of arbitrary \n code. (CVE-2009-3384)\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT3949\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.securityfocus.com/advisories/18277\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Safari 4.0.4 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189, 352, 399);\n script_set_attribute(\n attribute:\"vuln_publication_date\", \n value:\"2009/11/11\"\n );\n script_set_attribute(\n attribute:\"patch_publication_date\", \n value:\"2009/11/11\"\n );\n script_set_attribute(\n attribute:\"plugin_publication_date\", \n value:\"2009/11/12\"\n );\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"safari_installed.nasl\");\n script_require_keys(\"SMB/Safari/FileVersion\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\n\n\npath = get_kb_item(\"SMB/Safari/Path\");\nversion = get_kb_item(\"SMB/Safari/FileVersion\");\nif (isnull(version)) exit(0);\n\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n ver[0] < 5 ||\n (\n ver[0] == 5 &&\n (\n ver[1] < 31 ||\n (\n ver[1] == 31 && \n (\n ver[2] < 21 ||\n (ver[2] == 21 && ver[3] < 10)\n )\n )\n )\n )\n)\n{\n if (report_verbosity > 0)\n {\n if (isnull(path)) path = \"n/a\";\n\n prod_version = get_kb_item(\"SMB/Safari/ProductVersion\");\n if (!isnull(prod_version)) version = prod_version;\n\n report = string(\n \"\\n\",\n \"Nessus collected the following information about the current install\\n\",\n \"of Safari on the remote host :\\n\",\n \"\\n\",\n \" Version : \", version, \"\\n\",\n \" Path : \", path, \"\\n\"\n );\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T03:21:30", "description": "The version of Google Chrome installed on the remote host is earlier\nthan 3.0.195.33. Such versions are reportedly affected by a security\nbypass vulnerability caused by cusom headers being incorrectly sent for\n'CORS OPTIONS' requests. A malicious website operator could set custom\nHTTP headers on cross-origin 'OPTIONS' requests.", "edition": 27, "published": "2009-11-13T00:00:00", "title": "Google Chrome < 3.0.195.33 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2816"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:google:chrome"], "id": "GOOGLE_CHROME_3_0_195_33.NASL", "href": "https://www.tenable.com/plugins/nessus/42798", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42798);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/15 20:50:27\");\n\n script_cve_id(\"CVE-2009-2816\");\n script_bugtraq_id(36997);\n script_xref(name:\"Secunia\", value:\"37358\");\n\n script_name(english:\"Google Chrome < 3.0.195.33 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version number of Google Chrome\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains a web browser that is affected by a security\nbypass vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The version of Google Chrome installed on the remote host is earlier\nthan 3.0.195.33. Such versions are reportedly affected by a security\nbypass vulnerability caused by cusom headers being incorrectly sent for\n'CORS OPTIONS' requests. A malicious website operator could set custom\nHTTP headers on cross-origin 'OPTIONS' requests.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2b1c01d6\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Google Chrome 3.0.195.33 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:chrome\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"google_chrome_installed.nasl\");\n script_require_keys(\"SMB/Google_Chrome/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"google_chrome_version.inc\");\n\nget_kb_item_or_exit(\"SMB/Google_Chrome/Installed\");\n\ninstalls = get_kb_list(\"SMB/Google_Chrome/*\");\ngoogle_chrome_check_version(installs:installs, fix:'3.0.195.33', severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-03-01T03:41:20", "description": "The version of Apple Safari installed on the remote Mac OS X host is\nearlier than 4.0.4. As such, it is potentially affected by several\nissues :\n\n - Multiple use-after-free issues exist in libxml2, the\n most serious of which could lead to a program crash.\n (CVE-2009-2414, CVE-2009-2416)\n\n - An issue in the handling of navigations initiated via \n the 'Open Image in New Tab', 'Open Image in New Window'\n or 'Open Link in New Tab' shortcut menu options could\n be exploited to load a local HTML file, leading to\n disclosure of sensitive information. (CVE-2009-2842)\n\n - An issue involving WebKit's inclusion of custom HTTP\n headers specified by a requesting page in preflight\n requests in support of Cross-Origin Resource Sharing\n can facilitate cross-site request forgery attacks. \n (CVE-2009-2816)\n\n - WebKit fails to issue a resource load callback to \n determine if a resource should be loaded when it\n encounters an HTML 5 Media Element pointing to an \n external resource, which could lead to undesired\n requests to remote servers. (CVE-2009-2841)", "edition": 27, "published": "2009-11-12T00:00:00", "title": "Mac OS X : Apple Safari < 4.0.4", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2414", "CVE-2009-2841", "CVE-2009-2416", "CVE-2009-2842", "CVE-2009-2816"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI4_0_4.NASL", "href": "https://www.tenable.com/plugins/nessus/42477", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42477);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2009-2414\",\n \"CVE-2009-2416\",\n \"CVE-2009-2816\",\n \"CVE-2009-2841\",\n \"CVE-2009-2842\"\n );\n script_bugtraq_id(36994, 36996, 36997);\n\n script_name(english:\"Mac OS X : Apple Safari < 4.0.4\");\n script_summary(english:\"Check the Safari SourceVersion\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host contains a web browser that is affected by several\nvulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The version of Apple Safari installed on the remote Mac OS X host is\nearlier than 4.0.4. As such, it is potentially affected by several\nissues :\n\n - Multiple use-after-free issues exist in libxml2, the\n most serious of which could lead to a program crash.\n (CVE-2009-2414, CVE-2009-2416)\n\n - An issue in the handling of navigations initiated via \n the 'Open Image in New Tab', 'Open Image in New Window'\n or 'Open Link in New Tab' shortcut menu options could\n be exploited to load a local HTML file, leading to\n disclosure of sensitive information. (CVE-2009-2842)\n\n - An issue involving WebKit's inclusion of custom HTTP\n headers specified by a requesting page in preflight\n requests in support of Cross-Origin Resource Sharing\n can facilitate cross-site request forgery attacks. \n (CVE-2009-2816)\n\n - WebKit fails to issue a resource load callback to \n determine if a resource should be loaded when it\n encounters an HTML 5 Media Element pointing to an \n external resource, which could lead to undesired\n requests to remote servers. (CVE-2009-2841)\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT3949\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.securityfocus.com/advisories/18277\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Apple Safari 4.0.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 352, 399);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n \n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/uname\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nuname = get_kb_item_or_exit(\"Host/uname\");\nif (!egrep(pattern:\"Darwin.* (8\\.|9\\.[0-8]\\.|10\\.)\", string:uname)) audit(AUDIT_OS_NOT, \"Mac OS X 10.4 / 10.5 / 10.6\");\n\n\nget_kb_item_or_exit(\"MacOSX/Safari/Installed\");\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"4.0.4\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n set_kb_item(name:'www/0/XSRF', value:TRUE);\n\n if (report_verbosity > 0)\n {\n report = \n '\\n Installed version : ' + version + \n '\\n Fixed version : ' + fixed_version + '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"Safari\", version);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:07:08", "description": "Updated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nA flaw was found in the way SeaMonkey creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file\nSeaMonkey is going to download, they can replace the contents of that\nfile with arbitrary contents. (CVE-2009-3274)\n\nA heap-based buffer overflow flaw was found in the SeaMonkey string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash SeaMonkey or, potentially, execute arbitrary\ncode with the privileges of the user running SeaMonkey.\n(CVE-2009-1563)\n\nA flaw was found in the way SeaMonkey handles text selection. A\nmalicious website may be able to read highlighted text in a different\ndomain (e.g. another website the user is viewing), bypassing the\nsame-origin policy. (CVE-2009-3375)\n\nA flaw was found in the way SeaMonkey displays a right-to-left\noverride character when downloading a file. In these cases, the name\ndisplayed in the title bar differs from the name displayed in the\ndialog body. An attacker could use this flaw to trick a user into\ndownloading a file that has a file name or extension that differs from\nwhat the user expected. (CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3380)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.", "edition": 26, "published": "2009-10-28T00:00:00", "title": "RHEL 3 / 4 : seamonkey (RHSA-2009:1531)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1563", "CVE-2009-3376", "CVE-2009-3274", "CVE-2009-3380", "CVE-2009-3373", "CVE-2009-3372", "CVE-2009-3375", "CVE-2009-0689", "CVE-2009-3384", "CVE-2009-3385"], "modified": "2009-10-28T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:seamonkey", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nss-devel", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr", "p-cpe:/a:redhat:enterprise_linux:seamonkey-js-debugger", "p-cpe:/a:redhat:enterprise_linux:seamonkey-devel", "cpe:/o:redhat:enterprise_linux:4.8", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nss", "p-cpe:/a:redhat:enterprise_linux:seamonkey-mail", "p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr-devel", "p-cpe:/a:redhat:enterprise_linux:seamonkey-chat", "p-cpe:/a:redhat:enterprise_linux:seamonkey-dom-inspector"], "id": "REDHAT-RHSA-2009-1531.NASL", "href": "https://www.tenable.com/plugins/nessus/42288", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1531. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42288);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-3274\", \"CVE-2009-3372\", \"CVE-2009-3373\", \"CVE-2009-3375\", \"CVE-2009-3376\", \"CVE-2009-3380\", \"CVE-2009-3384\", \"CVE-2009-3385\");\n script_xref(name:\"RHSA\", value:\"2009:1531\");\n\n script_name(english:\"RHEL 3 / 4 : seamonkey (RHSA-2009:1531)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nA flaw was found in the way SeaMonkey creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file\nSeaMonkey is going to download, they can replace the contents of that\nfile with arbitrary contents. (CVE-2009-3274)\n\nA heap-based buffer overflow flaw was found in the SeaMonkey string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash SeaMonkey or, potentially, execute arbitrary\ncode with the privileges of the user running SeaMonkey.\n(CVE-2009-1563)\n\nA flaw was found in the way SeaMonkey handles text selection. A\nmalicious website may be able to read highlighted text in a different\ndomain (e.g. another website the user is viewing), bypassing the\nsame-origin policy. (CVE-2009-3375)\n\nA flaw was found in the way SeaMonkey displays a right-to-left\noverride character when downloading a file. In these cases, the name\ndisplayed in the title bar differs from the name displayed in the\ndialog body. An attacker could use this flaw to trick a user into\ndownloading a file that has a file name or extension that differs from\nwhat the user expected. (CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3380)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3274\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3376\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3385\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1531\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1531\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-1.0.9-0.47.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-chat-1.0.9-0.47.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-devel-1.0.9-0.47.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-dom-inspector-1.0.9-0.47.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-js-debugger-1.0.9-0.47.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-mail-1.0.9-0.47.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nspr-1.0.9-0.47.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nspr-devel-1.0.9-0.47.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nss-1.0.9-0.47.el3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"seamonkey-nss-devel-1.0.9-0.47.el3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-1.0.9-50.el4_8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-chat-1.0.9-50.el4_8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-devel-1.0.9-50.el4_8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-dom-inspector-1.0.9-50.el4_8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-js-debugger-1.0.9-50.el4_8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"seamonkey-mail-1.0.9-50.el4_8\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:46", "description": "From Red Hat Security Advisory 2009:1531 :\n\nUpdated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nA flaw was found in the way SeaMonkey creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file\nSeaMonkey is going to download, they can replace the contents of that\nfile with arbitrary contents. (CVE-2009-3274)\n\nA heap-based buffer overflow flaw was found in the SeaMonkey string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash SeaMonkey or, potentially, execute arbitrary\ncode with the privileges of the user running SeaMonkey.\n(CVE-2009-1563)\n\nA flaw was found in the way SeaMonkey handles text selection. A\nmalicious website may be able to read highlighted text in a different\ndomain (e.g. another website the user is viewing), bypassing the\nsame-origin policy. (CVE-2009-3375)\n\nA flaw was found in the way SeaMonkey displays a right-to-left\noverride character when downloading a file. In these cases, the name\ndisplayed in the title bar differs from the name displayed in the\ndialog body. An attacker could use this flaw to trick a user into\ndownloading a file that has a file name or extension that differs from\nwhat the user expected. (CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3380)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 : seamonkey (ELSA-2009-1531)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1563", "CVE-2009-3376", "CVE-2009-3274", "CVE-2009-3380", "CVE-2009-3373", "CVE-2009-3372", "CVE-2009-3375", "CVE-2009-0689", "CVE-2009-3384", "CVE-2009-3385"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:seamonkey-nspr-devel", "p-cpe:/a:oracle:linux:seamonkey-mail", "p-cpe:/a:oracle:linux:seamonkey-devel", "p-cpe:/a:oracle:linux:seamonkey-nss-devel", "p-cpe:/a:oracle:linux:seamonkey", "p-cpe:/a:oracle:linux:seamonkey-nspr", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:seamonkey-dom-inspector", "p-cpe:/a:oracle:linux:seamonkey-nss", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:seamonkey-js-debugger", "p-cpe:/a:oracle:linux:seamonkey-chat"], "id": "ORACLELINUX_ELSA-2009-1531.NASL", "href": "https://www.tenable.com/plugins/nessus/67949", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1531 and \n# Oracle Linux Security Advisory ELSA-2009-1531 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67949);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-3274\", \"CVE-2009-3372\", \"CVE-2009-3373\", \"CVE-2009-3375\", \"CVE-2009-3376\", \"CVE-2009-3380\", \"CVE-2009-3384\", \"CVE-2009-3385\");\n script_xref(name:\"RHSA\", value:\"2009:1531\");\n\n script_name(english:\"Oracle Linux 3 / 4 : seamonkey (ELSA-2009-1531)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1531 :\n\nUpdated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nA flaw was found in the way SeaMonkey creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file\nSeaMonkey is going to download, they can replace the contents of that\nfile with arbitrary contents. (CVE-2009-3274)\n\nA heap-based buffer overflow flaw was found in the SeaMonkey string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash SeaMonkey or, potentially, execute arbitrary\ncode with the privileges of the user running SeaMonkey.\n(CVE-2009-1563)\n\nA flaw was found in the way SeaMonkey handles text selection. A\nmalicious website may be able to read highlighted text in a different\ndomain (e.g. another website the user is viewing), bypassing the\nsame-origin policy. (CVE-2009-3375)\n\nA flaw was found in the way SeaMonkey displays a right-to-left\noverride character when downloading a file. In these cases, the name\ndisplayed in the title bar differs from the name displayed in the\ndialog body. An attacker could use this flaw to trick a user into\ndownloading a file that has a file name or extension that differs from\nwhat the user expected. (CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3380)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-October/001221.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-October/001222.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nspr-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nspr-devel-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-devel-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nss-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nss-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nss-devel-1.0.9-0.47.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nss-devel-1.0.9-0.47.0.1.el3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-1.0.9-50.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-chat-1.0.9-50.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-devel-1.0.9-50.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-dom-inspector-1.0.9-50.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-js-debugger-1.0.9-50.0.1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-mail-1.0.9-50.0.1.el4_8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:25:58", "description": "Updated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nA flaw was found in the way SeaMonkey creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file\nSeaMonkey is going to download, they can replace the contents of that\nfile with arbitrary contents. (CVE-2009-3274)\n\nA heap-based buffer overflow flaw was found in the SeaMonkey string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash SeaMonkey or, potentially, execute arbitrary\ncode with the privileges of the user running SeaMonkey.\n(CVE-2009-1563)\n\nA flaw was found in the way SeaMonkey handles text selection. A\nmalicious website may be able to read highlighted text in a different\ndomain (e.g. another website the user is viewing), bypassing the\nsame-origin policy. (CVE-2009-3375)\n\nA flaw was found in the way SeaMonkey displays a right-to-left\noverride character when downloading a file. In these cases, the name\ndisplayed in the title bar differs from the name displayed in the\ndialog body. An attacker could use this flaw to trick a user into\ndownloading a file that has a file name or extension that differs from\nwhat the user expected. (CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3380)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.", "edition": 26, "published": "2009-10-29T00:00:00", "title": "CentOS 3 / 4 : seamonkey (CESA-2009:1531)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1563", "CVE-2009-3376", "CVE-2009-3274", "CVE-2009-3380", "CVE-2009-3373", "CVE-2009-3372", "CVE-2009-3375", "CVE-2009-0689", "CVE-2009-3384", "CVE-2009-3385"], "modified": "2009-10-29T00:00:00", "cpe": ["p-cpe:/a:centos:centos:seamonkey-nspr-devel", "p-cpe:/a:centos:centos:seamonkey-mail", "p-cpe:/a:centos:centos:seamonkey-nss-devel", "p-cpe:/a:centos:centos:seamonkey-dom-inspector", "p-cpe:/a:centos:centos:seamonkey-chat", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:seamonkey-nss", "p-cpe:/a:centos:centos:seamonkey-nspr", "p-cpe:/a:centos:centos:seamonkey", "p-cpe:/a:centos:centos:seamonkey-js-debugger", "p-cpe:/a:centos:centos:seamonkey-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-1531.NASL", "href": "https://www.tenable.com/plugins/nessus/42296", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1531 and \n# CentOS Errata and Security Advisory 2009:1531 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42296);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-3274\", \"CVE-2009-3372\", \"CVE-2009-3373\", \"CVE-2009-3375\", \"CVE-2009-3376\", \"CVE-2009-3380\", \"CVE-2009-3384\", \"CVE-2009-3385\");\n script_xref(name:\"RHSA\", value:\"2009:1531\");\n\n script_name(english:\"CentOS 3 / 4 : seamonkey (CESA-2009:1531)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nSeaMonkey is an open source Web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nA flaw was found in the way SeaMonkey creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file\nSeaMonkey is going to download, they can replace the contents of that\nfile with arbitrary contents. (CVE-2009-3274)\n\nA heap-based buffer overflow flaw was found in the SeaMonkey string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash SeaMonkey or, potentially, execute arbitrary\ncode with the privileges of the user running SeaMonkey.\n(CVE-2009-1563)\n\nA flaw was found in the way SeaMonkey handles text selection. A\nmalicious website may be able to read highlighted text in a different\ndomain (e.g. another website the user is viewing), bypassing the\nsame-origin policy. (CVE-2009-3375)\n\nA flaw was found in the way SeaMonkey displays a right-to-left\noverride character when downloading a file. In these cases, the name\ndisplayed in the title bar differs from the name displayed in the\ndialog body. An attacker could use this flaw to trick a user into\ndownloading a file that has a file name or extension that differs from\nwhat the user expected. (CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2009-3380)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016202.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?764074b1\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016203.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9065c174\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016204.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?954a4b55\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016205.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?59331fd5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nspr-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nspr-devel-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-devel-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nss-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nss-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nss-devel-1.0.9-0.47.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nss-devel-1.0.9-0.47.el3.centos3\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-50.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-50.el4.centos\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:46", "description": "From Red Hat Security Advisory 2009:1530 :\n\nUpdated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox. nspr provides the\nNetscape Portable Runtime (NSPR).\n\nA flaw was found in the way Firefox handles form history. A malicious\nweb page could steal saved form data by synthesizing input events,\ncausing the browser to auto-fill form fields (which could then be read\nby an attacker). (CVE-2009-3370)\n\nA flaw was found in the way Firefox creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file Firefox\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the Firefox Proxy Auto-Configuration (PAC) file\nprocessor. If Firefox loads a malicious PAC file, it could crash\nFirefox or, potentially, execute arbitrary code with the privileges of\nthe user running Firefox. (CVE-2009-3372)\n\nA heap-based buffer overflow flaw was found in the Firefox GIF image\nprocessor. A malicious GIF image could crash Firefox or, potentially,\nexecute arbitrary code with the privileges of the user running\nFirefox. (CVE-2009-3373)\n\nA heap-based buffer overflow flaw was found in the Firefox string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash Firefox or, potentially, execute arbitrary code\nwith the privileges of the user running Firefox. (CVE-2009-1563)\n\nA flaw was found in the way Firefox handles text selection. A\nmalicious website may be able to read highlighted text in a different\ndomain (e.g. another website the user is viewing), bypassing the\nsame-origin policy. (CVE-2009-3375)\n\nA flaw was found in the way Firefox displays a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed\nin the title bar differs from the name displayed in the dialog body.\nAn attacker could use this flaw to trick a user into downloading a\nfile that has a file name or extension that differs from what the user\nexpected. (CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2009-3374, CVE-2009-3380, CVE-2009-3382)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.0.15. You can find a link to the\nMozilla advisories in the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.0.15, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 5 : firefox (ELSA-2009-1530)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1563", "CVE-2009-3376", "CVE-2009-3379", "CVE-2009-3274", "CVE-2009-3380", "CVE-2009-3373", "CVE-2009-3383", "CVE-2009-3372", "CVE-2009-3375", "CVE-2009-0689", "CVE-2009-3374", "CVE-2009-3371", "CVE-2009-3377", "CVE-2009-3384", "CVE-2009-3382", "CVE-2009-3370", "CVE-2009-3381", "CVE-2009-3378"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:xulrunner", "p-cpe:/a:oracle:linux:firefox", "p-cpe:/a:oracle:linux:nspr-devel", "p-cpe:/a:oracle:linux:xulrunner-devel-unstable", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:nspr", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:xulrunner-devel"], "id": "ORACLELINUX_ELSA-2009-1530.NASL", "href": "https://www.tenable.com/plugins/nessus/67948", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1530 and \n# Oracle Linux Security Advisory ELSA-2009-1530 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67948);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0689\", \"CVE-2009-3274\", \"CVE-2009-3370\", \"CVE-2009-3371\", \"CVE-2009-3372\", \"CVE-2009-3373\", \"CVE-2009-3374\", \"CVE-2009-3375\", \"CVE-2009-3376\", \"CVE-2009-3377\", \"CVE-2009-3378\", \"CVE-2009-3379\", \"CVE-2009-3380\", \"CVE-2009-3381\", \"CVE-2009-3382\", \"CVE-2009-3383\", \"CVE-2009-3384\");\n script_xref(name:\"RHSA\", value:\"2009:1530\");\n\n script_name(english:\"Oracle Linux 4 / 5 : firefox (ELSA-2009-1530)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1530 :\n\nUpdated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nMozilla Firefox is an open source Web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox. nspr provides the\nNetscape Portable Runtime (NSPR).\n\nA flaw was found in the way Firefox handles form history. A malicious\nweb page could steal saved form data by synthesizing input events,\ncausing the browser to auto-fill form fields (which could then be read\nby an attacker). (CVE-2009-3370)\n\nA flaw was found in the way Firefox creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file Firefox\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the Firefox Proxy Auto-Configuration (PAC) file\nprocessor. If Firefox loads a malicious PAC file, it could crash\nFirefox or, potentially, execute arbitrary code with the privileges of\nthe user running Firefox. (CVE-2009-3372)\n\nA heap-based buffer overflow flaw was found in the Firefox GIF image\nprocessor. A malicious GIF image could crash Firefox or, potentially,\nexecute arbitrary code with the privileges of the user running\nFirefox. (CVE-2009-3373)\n\nA heap-based buffer overflow flaw was found in the Firefox string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash Firefox or, potentially, execute arbitrary code\nwith the privileges of the user running Firefox. (CVE-2009-1563)\n\nA flaw was found in the way Firefox handles text selection. A\nmalicious website may be able to read highlighted text in a different\ndomain (e.g. another website the user is viewing), bypassing the\nsame-origin policy. (CVE-2009-3375)\n\nA flaw was found in the way Firefox displays a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed\nin the title bar differs from the name displayed in the dialog body.\nAn attacker could use this flaw to trick a user into downloading a\nfile that has a file name or extension that differs from what the user\nexpected. (CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2009-3374, CVE-2009-3380, CVE-2009-3382)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.0.15. You can find a link to the\nMozilla advisories in the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.0.15, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-October/001219.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-October/001220.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 119, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel-unstable\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"firefox-3.0.15-3.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"nspr-4.7.6-1.el4_8\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"nspr-devel-4.7.6-1.el4_8\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"firefox-3.0.15-3.0.1.el5_4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nspr-4.7.6-1.el5_4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"nspr-devel-4.7.6-1.el5_4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-1.9.0.15-3.0.1.el5_4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-devel-1.9.0.15-3.0.1.el5_4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-devel-unstable-1.9.0.15-3.0.1.el5_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / nspr / nspr-devel / xulrunner / xulrunner-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2816", "CVE-2009-3384"], "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "modified": "2009-11-14T03:30:38", "published": "2009-11-14T03:30:38", "id": "FEDORA:51CC510F844", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: qt-4.5.3-9.fc12", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "modified": "2009-11-14T03:33:40", "published": "2009-11-14T03:33:40", "id": "FEDORA:449DA10F83E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: qt-4.5.3-9.fc11", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1725", "CVE-2009-2700", "CVE-2009-2816", "CVE-2009-3384"], "description": "Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling. ", "modified": "2009-11-14T03:31:02", "published": "2009-11-14T03:31:02", "id": "FEDORA:6696510F844", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: qt-4.5.3-9.fc10", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T18:29:56", "description": "Bugraq ID: 36995\r\nCVE ID\uff1aCVE-2009-3384\r\n\r\nWebKit\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684web\u6d4f\u89c8\u5668\u5f15\u64ce\u3002\r\nWebKit\u5904\u7406FTP\u76ee\u5f55\u5217\u8868\u5b58\u5728\u591a\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\uff0c\u4fe1\u606f\u6cc4\u6f0f\u6216\u4efb\u610f\u4ee3\u7801\u6267\u884c\u653b\u51fb\u3002\r\n\u8bbf\u95ee\u6076\u610f\u7279\u6b8a\u6784\u5efa\u7684FTP\u670d\u52a1\u5668\u53ef\u89e6\u53d1\u6b64\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\n\nWebKit Open Source Project WebKit r38566\r\nWebKit Open Source Project WebKit \r\nApple Safari 4.0.3 for Windows\r\nApple Safari 4.0.2 for Windows\r\nApple Safari 3.2.3 for Windows\r\nApple Safari 3.2.2 for Windows\r\nApple Safari 3.1.2 for Windows\r\nApple Safari 3.1.1 for Windows\r\nApple Safari 3.0.4 Beta for Windows\r\nApple Safari 3.0.3 \r\nApple Safari 3.0.2 Beta for Windows\r\nApple Safari 3.0.1 Beta for Windows\r\nApple Safari 4 for Windows\r\nApple Safari 3.1 for Windows\r\nApple Safari 3 Beta for Windows\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0bApple\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u89e3\u51b3\u65b9\u6848\uff1a\r\nApple Safari 4.0.3 for Windows\r\nApple APPLE-SA-2009-11-11-1 SafariQuickTimeSetup.exe\r\nSafari+QuickTime for Windows 7, Vista or XP\r\nhttp://www.apple.com/safari/download/\r\nApple APPLE-SA-2009-11-11-1 SafariSetup.exe\r\nSafari for Windows 7, Vista or XP\r\nhttp://www.apple.com/safari/download/", "published": "2009-11-16T00:00:00", "type": "seebug", "title": "WebKit\u591a\u4e2a\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\uff0c\u62d2\u7edd\u670d\u52a1\u548c\u4fe1\u606f\u6cc4\u6f0f\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-3384"], "modified": "2009-11-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12637", "id": "SSV:12637", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T18:30:15", "description": "BUGTRAQ ID: 36357,36010,36994,36995,36997,36996\r\nCVE ID: CVE-2009-2804,CVE-2009-2414,CVE-2009-2416,CVE-2009-2842,CVE-2009-2816,CVE-2009-3384,CVE-2009-2841\r\n\r\nSafari\u662f\u82f9\u679c\u5bb6\u65cf\u673a\u5668\u64cd\u4f5c\u7cfb\u7edf\u4e2d\u9ed8\u8ba4\u6346\u7ed1\u7684WEB\u6d4f\u89c8\u5668\u3002\r\n\r\n\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528Safari\u6d4f\u89c8\u5668\u4e2d\u7684\u591a\u4e2a\u9519\u8bef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3001\u8bfb\u53d6\u654f\u611f\u4fe1\u606f\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nCVE-2009-2804\r\n\r\n\u5904\u7406\u5305\u542b\u6709\u5d4c\u5165\u5f0f\u989c\u8272\u914d\u7f6e\u6587\u4ef6\u7684\u56fe\u5f62\u65f6\u5b58\u5728\u53ef\u5bfc\u81f4\u5806\u6ea2\u51fa\u7684\u6574\u6570\u6ea2\u51fa\uff0c\u7528\u6237\u53d7\u9a97\u6253\u5f00\u6076\u610f\u56fe\u5f62\u5c31\u53ef\u80fd\u5bfc\u81f4\u6d4f\u89c8\u5668\u5d29\u6e83\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nCVE-2009-2414\uff0cCVE-2009-2416\r\n\r\nlibxml2\u5e93\u4e2d\u7684\u591a\u4e2a\u91ca\u653e\u540e\u4f7f\u7528\u6f0f\u6d1e\u53ef\u80fd\u5bfc\u81f4\u6d4f\u89c8\u5668\u610f\u5916\u7ec8\u6b62\u3002\r\n\r\nCVE-2009-2842\r\n\r\nSafari\u5904\u7406\u901a\u8fc7\u201c\u5728\u65b0\u6807\u7b7e\u9875\u4e2d\u6253\u5f00\u56fe\u5f62\u201d\u3001\u201c\u5728\u65b0\u7a97\u53e3\u4e2d\u6253\u5f00\u56fe\u5f62\u201d\u6216\u201c\u5728\u65b0\u6807\u7b7e\u9875\u4e2d\u6253\u5f00\u94fe\u63a5\u201d\u5feb\u6377\u83dc\u5355\u9009\u9879\u6240\u521d\u59cb\u5316\u7684\u5bfc\u822a\u65f6\u5b58\u5728\u6f0f\u6d1e\uff0c\u5bf9\u6076\u610f\u7f51\u7ad9\u4f7f\u7528\u8fd9\u4e9b\u9009\u9879\u53ef\u80fd\u52a0\u8f7d\u672c\u5730HTM\u6587\u4ef6\uff0c\u5bfc\u81f4\u6cc4\u6f0f\u654f\u611f\u4fe1\u606f\u3002\r\n\r\nCVE-2009-2816\r\n\r\nWebKit\u5b9e\u73b0\u8de8\u6e90\u8d44\u6e90\u5171\u4eab\u7684\u65b9\u5f0f\u5b58\u5728\u6f0f\u6d1e\u3002\u5728\u5141\u8bb8\u4e00\u4e2a\u6e90\u7684\u9875\u9762\u8bbf\u95ee\u53e6\u4e00\u4e2a\u6e90\u4e2d\u8d44\u6e90\u4e4b\u524d\uff0cWebKit\u5411\u540e\u8005\u670d\u52a1\u5668\u53d1\u9001\u4e86preflight\u8bf7\u6c42\u3002\u7531\u4e8eWebKit\u5305\u542b\u6709preflight\u6240\u8bf7\u6c42\u9875\u9762\u6307\u5b9a\u7684\u81ea\u5b9a\u4e49HTTP\u5934\uff0c\u8fd9\u6709\u5229\u4e8e\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u653b\u51fb\u3002\r\n\r\nCVE-2009-3384\r\n\r\nWebKit\u5904\u7406FTP\u5217\u51fa\u76ee\u5f55\u65b9\u5f0f\u5b58\u5728\u591a\u4e2a\u6f0f\u6d1e\uff0c\u8bbf\u95ee\u6076\u610f\u7684FTP\u670d\u52a1\u5668\u53ef\u80fd\u5bfc\u81f4\u4fe1\u606f\u6cc4\u9732\u3001\u6d4f\u89c8\u5668\u610f\u5916\u7ec8\u6b62\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\r\n\r\nCVE-2009-2841\r\n\r\nWebKit\u9047\u5230\u6307\u5411\u5916\u90e8\u8d44\u6e90\u7684HTML 5\u5a92\u4f53\u5143\u7d20\u65f6\u6ca1\u6709\u53d1\u5e03\u8d44\u6e90\u52a0\u8f7d\u56de\u8c03\u6765\u5224\u65ad\u662f\u5426\u5e94\u52a0\u88c5\u8d44\u6e90\uff0c\u8fd9\u53ef\u80fd\u5bfc\u81f4\u5bf9\u8fdc\u7a0b\u670d\u52a1\u5668\u7684\u975e\u9884\u671f\u8bf7\u6c42\u3002\u4f8b\u5982\uff0cHTML\u683c\u5f0f\u90ae\u4ef6\u7684\u53d1\u4ef6\u4eba\u53ef\u4ee5\u5224\u65ad\u6d88\u606f\u662f\u5426\u5df2\u8bfb\u3002\n\nApple Safari 4.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nApple\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.apple.com/safari/download/", "published": "2009-11-13T00:00:00", "type": "seebug", "title": "Safari 4.0.4\u7248\u672c\u4fee\u590d\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-2414", "CVE-2009-2416", "CVE-2009-2804", "CVE-2009-2816", "CVE-2009-2841", "CVE-2009-2842", "CVE-2009-3384"], "modified": "2009-11-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12627", "id": "SSV:12627", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T18:30:06", "description": "Bugraq ID: 36997\r\nCVE ID\uff1aCVE-2009-2816\r\n\r\nWebKit\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684web\u6d4f\u89c8\u5668\u5f15\u64ce\u3002\r\nWebKit\u5b58\u5728\u540c\u6e90\u7b56\u7565\u7ed5\u8fc7\u95ee\u9898\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u8bbf\u95ee\u5176\u4ed6\u57df\u4e2d\u7684\u8d44\u6e90\u3002\r\nWebKit\u7684\u8de8\u6e90\u8d44\u6e90\u5171\u4eab\u5b9e\u73b0\u5b58\u5728\u5b89\u5168\u95ee\u9898\uff0c\u5728\u5141\u8bb8\u67d0\u6e90\u7684\u9875\u9762\u8bbf\u95ee\u5176\u4ed6\u6e90\u4e2d\u7684\u8d44\u6e90\u524d\uff0cWebKit\u4f1a\u53d1\u9001preflight\u8bf7\u6c42\u7ed9\u540e\u8005\u7684\u670d\u52a1\u5668\u4ee5\u8bbf\u95ee\u8d44\u6e90\u3002\u5728preflight\u8bf7\u6c42\u4e2dWebKit\u5305\u542b\u7531\u8bf7\u6c42\u9875\u9762\u6307\u5b9a\u7684\u5b9a\u5236HTTP\u5934\u5b57\u6bb5\uff0c\u8fd9\u53ef\u5bfc\u81f4\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u653b\u51fb\u3002\n\nWebKit Open Source Project WebKit 0\r\nApple Safari For Windows 3.2.1 \r\nApple Safari 4.0.3 for Windows\r\nApple Safari 4.0.3 \r\nApple Safari 4.0.2 for Windows\r\nApple Safari 4.0.2 \r\nApple Safari 4.0.1 \r\nApple Safari 3.2.3 for Windows\r\nApple Safari 3.2.3 \r\nApple Safari 3.2.2 for Windows\r\nApple Safari 3.1.2 for Windows\r\nApple Safari 3.1.2 \r\nApple Safari 3.1.1 for Windows\r\nApple Safari 3.1.1 \r\nApple Safari 3.0.4 Beta for Windows\r\nApple Safari 3.0.3 \r\nApple Safari 3.0.3 \r\nApple Safari 3.0.2 Beta for Windows\r\nApple Safari 3.0.2 Beta\r\nApple Safari 3.0.1 Beta for Windows\r\nApple Safari 3.0.1 Beta\r\nApple Safari 4 for Windows\r\nApple Safari 4 Beta\r\nApple Safari 4 Beta\r\nApple Safari 4\r\nApple Safari 3.2\r\nApple Safari 3.1 for Windows\r\nApple Safari 3.1\r\nApple Safari 3 Beta for Windows\r\nApple Safari 3 Beta\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0bApple\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u89e3\u51b3\u65b9\u6848\uff1a\r\nApple Safari 4.0.3 for Windows\r\nApple APPLE-SA-2009-11-11-1 SafariQuickTimeSetup.exe\r\nSafari+QuickTime for Windows 7, Vista or XP\r\nhttp://www.apple.com/safari/download/\r\nApple APPLE-SA-2009-11-11-1 SafariSetup.exe\r\nSafari for Windows 7, Vista or XP\r\nhttp://www.apple.com/safari/download/\r\nApple Safari 4.0.3 \r\nApple Safari4.0.4Leopard.dmg\r\nSafari for Mac OS X v10.5.7\r\nhttp://www.apple.com/safari/download/\r\nApple Safari4.0.4SnowLeopard.dmg\r\nSafari for Mac OS X v10.6.1 and v10.6.2\r\nhttp://www.apple.com/safari/download/\r\nApple Safari4.0.4Tiger.dmg\r\nSafari for Mac OS X v10.4.11\r\nhttp://www.apple.com/safari/download/", "published": "2009-11-16T00:00:00", "type": "seebug", "title": "WebKit Preflight\u8bf7\u6c42\u540c\u6e90\u7b56\u7565\u7ed5\u8fc7\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-2816"], "modified": "2009-11-16T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12644", "id": "SSV:12644", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "threatpost": [{"lastseen": "2018-10-06T23:09:15", "bulletinFamily": "info", "cvelist": ["CVE-2009-2414", "CVE-2009-2416", "CVE-2009-2804", "CVE-2009-2816", "CVE-2009-2841", "CVE-2009-2842", "CVE-2009-3384"], "description": "[](<https://threatpost.com/apple-patches-critical-safari-vulnerabilities-111109/>)Apple today shipped Safari 4.0.4 to fix a total of seven security flaws that expose Windows and Mac users to a wide range of malicious hacker attacks.\n\nThe high-priority update patches vulnerabilities that allow remote code execution (drive-by downloads) if a user simply surfs to a maliciously rigged Web site. Some of the issues affect Microsoft\u2019s new Windows 7 operating system. \nHere are the details from an Apple advisory:\n\n * **ColorSync** (CVE-2009-2804) \u2014 Available for Windows 7, Windows Vista and Windows XP \u2014 An integer overflow exists in the handling of images with an embedded color profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded color profile may lead to an unexpected application termination or arbitrary code execution. This vulnerability was internally discovered by Apple.\n * **libxml** CVE-2009-2414 and CVE-2009-2416 \u2014 Available for: Mac OS X Windows 7, Windows Vista and Windows XP \u2014 Multiple use-after-free issues exist in libxml2, the most serious of which may lead to an unexpected application termination. This update addresses the issues through improved memory handling. The issues have already been addressed in Mac OS X 10.6.2, and in Security Update 2009-006 for Mac OS X 10.5.8 systems.\n * **Safari **\u2014 CVE-2009-2842 \u2014 Available for: Mac OS X, Windows 7, Windows Vista and Windows XP \u2014 An issue exists in Safari\u2019s handling of navigations initiated via the \u201cOpen Image in New Tab\u201d, \u201cOpen Image in New Window\u201d, or \u201cOpen Link in New Tab\u201d shortcut menu options. Using these options within a maliciously crafted website could load a local HTML file, leading to the disclosure of sensitive information.\n * **WebKit **\u2014 CVE-2009-2816 \u2014 Available for Mac OS X, Windows 7, Windows Vista and Windows XP \u2014 An issue exists in WebKit\u2019s implementation of Cross-Origin Resource Sharing. Before allowing a page from one origin to access a resource in another origin, WebKit sends a preflight request to the latter server for access to the resource. WebKit includes custom HTTP headers specified by the requesting page in the preflight request. This can facilitate cross-site request forgery. Internally discovered by Apple.\n * **WebKit** \u2014 CVE-2009-3384 \u2014 Available for Windows 7, Windows Vista and Windows XP \u2014 Multiple vulnerabilities exist in WebKit\u2019s handling of FTP directory listings. Accessing a maliciously crafted FTP server may lead to information disclosure, unexpected application termination, or execution of arbitrary code. This update addresses the issues through improved parsing of FTP directory listings. These issues do not affect Safari on Mac OS X systems.\n * **WebKit** \u2014 CVE-2009-2841 \u2014 Available for Mac OS X (client and server) \u2014 When WebKit encounters an HTML 5 Media Element pointing to an external resource, it does not issue a resource load callback to determine if the resource should be loaded. This may result in undesired requests to remote servers. As an example, the sender of an HTML-formatted email message could use this to determine that the message was read. This issue is addressed by generating resource load callbacks when WebKit encounters an HTML 5 Media Element. This issue does not affect Safari on Windows systems.\n\nThe browser update is being pushed to Mac and Windows systems via Apple\u2019s software update utilities. Alternatively, Safari users can download the patches from [Apple\u2019s download site](<http://www.apple.com/safari/download/>).\n", "modified": "2018-08-15T14:12:22", "published": "2009-11-11T21:45:09", "id": "THREATPOST:213B2F3A19EB934CE4579B8DDEAC6AB4", "href": "https://threatpost.com/apple-patches-critical-safari-vulnerabilities-111109/73081/", "type": "threatpost", "title": "Apple Patches Critical Safari Vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T23:08:39", "bulletinFamily": "info", "cvelist": ["CVE-2009-2285", "CVE-2009-2841", "CVE-2009-3384", "CVE-2010-0036", "CVE-2010-0038"], "description": "[](<https://threatpost.com/apple-plugs-critical-iphone-security-holes-020210/>)Apple has shipped a patch to cover five documented vulnerabilities that expose iPhone and iPod Touch users to malicious hacker attacks. The most serious flaw could allow remote code execution if an iPhone/iPod Touch user opens audio and image files.\n\nHere\u2019s the skinny on the vulnerabilities being patched with this iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod Touch update:\n\n * **CoreAudio** (CVE-2010-0036) \u2014 A buffer overflow exists in the handling of mp4 audio files. Playing a maliciously crafted mp4 audio file may lead to an unexpected application termination or arbitrary code execution. \n * **ImageIO** (CVE-2009-2285) \u2014 A buffer underflow exists in ImageIO\u2019s handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. \n * **Recovery Mode** (CVE-2010-0038) \u2014 A memory corruption issue exists in the handling of a certain USB control message. A person with physical access to the device could use this to bypass the passcode and access the user\u2019s data. \n * **WebKit **(CVE-2009-3384) \u2014 Multiple input validation issues exist in WebKit\u2019s handling of FTP directory listings. Accessing a maliciously crafted FTP server may lead to information disclosure, unexpected application termination, or execution of arbitrary code. \n * **WebKit** (CVE-2009-2841) \u2014 When WebKit encounters an HTML 5 Media Element pointing to an external resource, it does not issue a resource load callback to determine if the resource should be loaded. This may result in undesired requests to remote servers. As an example, the sender of an HTML-formatted email message could use this to determine that the message was read.\n\nThis iPhone/iPod Touch update is only available through iTunes and will not appear in the software update utility available in Mac and Windows systems.\n", "modified": "2018-08-15T13:34:01", "published": "2010-02-02T19:05:36", "id": "THREATPOST:87A00B01F9F51647FA037F1CED7DA5EF", "href": "https://threatpost.com/apple-plugs-critical-iphone-security-holes-020210/73474/", "type": "threatpost", "title": "Apple Plugs Critical iPhone Security Holes", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1563", "CVE-2009-3376", "CVE-2009-3274", "CVE-2009-3380", "CVE-2009-3375", "CVE-2009-3384", "CVE-2009-3385"], "description": "[1.0.9-50.0.1.el4_8]\n- Added mozilla-oracle-default-prefs.js and mozilla-oracle-default-bookmarks.html\n and removed corresponding RedHat ones\n[1.0.9-50.el4]\n- Added fixes from 1.9.0.15 ", "edition": 4, "modified": "2009-10-28T00:00:00", "published": "2009-10-28T00:00:00", "id": "ELSA-2009-1531", "href": "http://linux.oracle.com/errata/ELSA-2009-1531.html", "title": "seamonkey security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:41", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1563", "CVE-2009-3376", "CVE-2009-3274", "CVE-2009-3380", "CVE-2009-3373", "CVE-2009-3372", "CVE-2009-3375", "CVE-2009-3374", "CVE-2009-3384", "CVE-2009-3382", "CVE-2009-3370"], "description": "firefox:\n[3.0.15-3.0.1.el5_4]\n- Update firstrun and homepage URLs in specfile\n- Added patch oracle-firefox-branding.patch\n- Added firefox-oracle-default-prefs.js/firefox-oracle-default-bookmarks.html\n and removed the corresponding Red Hat ones\n[3.0.15-3]\n- Rebuild due to Mozilla's respin\n[3.0.15-2]\n- Rebuild due to xulrunner changes\n[3.0.15-1]\n- Update to 3.0.15\nnspr:\n[4.7.6-1]\n- update to 4.7.6\nxulrunner:\n[1.9.0.15-3.0.1.el5_4]\n- Added xulrunner-oracle-default-prefs.js and removed the corresponding\n RedHat one.\n[1.9.0.15-3]\n- Rebuild due to Mozilla's respin\n[1.9.0.15-2]\n- Added remedy patch\n[1.9.0.15-1]\n- Update to 1.9.0.15 ", "edition": 4, "modified": "2009-10-28T00:00:00", "published": "2009-10-28T00:00:00", "id": "ELSA-2009-1530", "href": "http://linux.oracle.com/errata/ELSA-2009-1530.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:00", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2470", "CVE-2009-3076", "CVE-2009-3979", "CVE-2009-3376", "CVE-2009-1571", "CVE-2009-3274", "CVE-2010-0159", "CVE-2009-3380", "CVE-2009-3072", "CVE-2009-0689", "CVE-2009-2463", "CVE-2010-0171", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-3384", "CVE-2009-2466", "CVE-2009-3077", "CVE-2009-2462", "CVE-2010-0169"], "description": "[1.5.0.12-25.0.1.el4]\n- Add thunderbird-oracle-default-prefs.js for errata rebuild and remove\n thunderbird-redhat-default-prefs.js\n- Replaced clean.gif in tarball\n[1.5.0.12-25]\n- Added patches from 2.0.0.24\n[1.5.0.12-24]\n- Update patchset to fix regression as per 1.9.0.13 ", "edition": 4, "modified": "2010-03-17T00:00:00", "published": "2010-03-17T00:00:00", "id": "ELSA-2010-0154", "href": "http://linux.oracle.com/errata/ELSA-2010-0154.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:25:24", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1563", "CVE-2009-3376", "CVE-2009-3274", "CVE-2009-3380", "CVE-2009-3375", "CVE-2009-0689", "CVE-2009-3384", "CVE-2009-3385"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1531\n\n\nSeaMonkey is an open source Web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nA flaw was found in the way SeaMonkey creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file SeaMonkey is\ngoing to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA heap-based buffer overflow flaw was found in the SeaMonkey string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash SeaMonkey or, potentially, execute arbitrary code\nwith the privileges of the user running SeaMonkey. (CVE-2009-1563)\n\nA flaw was found in the way SeaMonkey handles text selection. A malicious\nwebsite may be able to read highlighted text in a different domain (e.g.\nanother website the user is viewing), bypassing the same-origin policy.\n(CVE-2009-3375)\n\nA flaw was found in the way SeaMonkey displays a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differs from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that differs from what the user expected.\n(CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nSeaMonkey. (CVE-2009-3380)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/028240.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/028241.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/028242.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/028243.html\n\n**Affected packages:**\nseamonkey\nseamonkey-chat\nseamonkey-devel\nseamonkey-dom-inspector\nseamonkey-js-debugger\nseamonkey-mail\nseamonkey-nspr\nseamonkey-nspr-devel\nseamonkey-nss\nseamonkey-nss-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1531.html", "edition": 5, "modified": "2009-10-28T13:22:24", "published": "2009-10-28T13:15:48", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/028240.html", "id": "CESA-2009:1531", "title": "seamonkey security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:27:41", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1563", "CVE-2009-3376", "CVE-2009-3274", "CVE-2009-3380", "CVE-2009-3373", "CVE-2009-3372", "CVE-2009-3375", "CVE-2009-0689", "CVE-2009-3374", "CVE-2009-3384", "CVE-2009-3382", "CVE-2009-3370"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1530\n\n\nMozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox. nspr provides the Netscape\nPortable Runtime (NSPR).\n\nA flaw was found in the way Firefox handles form history. A malicious web\npage could steal saved form data by synthesizing input events, causing the\nbrowser to auto-fill form fields (which could then be read by an attacker).\n(CVE-2009-3370)\n\nA flaw was found in the way Firefox creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file Firefox is\ngoing to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the Firefox Proxy Auto-Configuration (PAC) file\nprocessor. If Firefox loads a malicious PAC file, it could crash Firefox\nor, potentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2009-3372)\n\nA heap-based buffer overflow flaw was found in the Firefox GIF image\nprocessor. A malicious GIF image could crash Firefox or, potentially,\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2009-3373)\n\nA heap-based buffer overflow flaw was found in the Firefox string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash Firefox or, potentially, execute arbitrary code with\nthe privileges of the user running Firefox. (CVE-2009-1563)\n\nA flaw was found in the way Firefox handles text selection. A malicious\nwebsite may be able to read highlighted text in a different domain (e.g.\nanother website the user is viewing), bypassing the same-origin policy.\n(CVE-2009-3375)\n\nA flaw was found in the way Firefox displays a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differs from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that differs from what the user expected.\n(CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2009-3374, CVE-2009-3380, CVE-2009-3382)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.15. You can find a link to the Mozilla\nadvisories in the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.15, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/028244.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/028245.html\n\n**Affected packages:**\nfirefox\nnspr\nnspr-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1530.html", "edition": 5, "modified": "2009-10-28T13:45:18", "published": "2009-10-28T13:44:04", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/028244.html", "id": "CESA-2009:1530", "title": "firefox, nspr security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:24:25", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2470", "CVE-2009-3076", "CVE-2009-3979", "CVE-2009-3376", "CVE-2009-1571", "CVE-2009-3274", "CVE-2010-0159", "CVE-2009-3380", "CVE-2009-3072", "CVE-2009-0689", "CVE-2009-2463", "CVE-2010-0171", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-3384", "CVE-2009-2466", "CVE-2009-3077", "CVE-2009-2462", "CVE-2010-0169"], "description": "**CentOS Errata and Security Advisory** CESA-2010:0154\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466,\nCVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159)\n\nA use-after-free flaw was found in Thunderbird. An attacker could use this\nflaw to crash Thunderbird or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2009-3077)\n\nA heap-based buffer overflow flaw was found in the Thunderbird string to\nfloating point conversion routines. An HTML mail message containing\nmalicious JavaScript could crash Thunderbird or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2009-0689)\n\nA use-after-free flaw was found in Thunderbird. Under low memory\nconditions, viewing an HTML mail message containing malicious content could\nresult in Thunderbird executing arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-1571)\n\nA flaw was found in the way Thunderbird created temporary file names for\ndownloaded files. If a local attacker knows the name of a file Thunderbird\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the way Thunderbird displayed a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differed from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that is different from what the user expected.\n(CVE-2009-3376)\n\nA flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A\nmalicious SOCKS5 server could send a specially-crafted reply that would\ncause Thunderbird to crash. (CVE-2009-2470)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were\nnot informative. An attacker able to trick a user into installing a\nmalicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it possible\nto trick the user into believing they are viewing trusted content or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2009-3076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028614.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028615.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0154.html", "edition": 5, "modified": "2010-03-17T18:24:43", "published": "2010-03-17T18:24:23", "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/028614.html", "id": "CESA-2010:0154", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:24:30", "bulletinFamily": "unix", "cvelist": ["CVE-2009-2470", "CVE-2009-3076", "CVE-2009-3979", "CVE-2009-3376", "CVE-2009-1571", "CVE-2009-3274", "CVE-2010-0159", "CVE-2009-3380", "CVE-2009-3072", "CVE-2009-0689", "CVE-2009-2463", "CVE-2010-0171", "CVE-2009-3075", "CVE-2010-0163", "CVE-2009-3384", "CVE-2009-2466", "CVE-2009-3077", "CVE-2009-2462", "CVE-2010-0169"], "description": "**CentOS Errata and Security Advisory** CESA-2010:0153\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466,\nCVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159)\n\nA use-after-free flaw was found in Thunderbird. An attacker could use this\nflaw to crash Thunderbird or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2009-3077)\n\nA heap-based buffer overflow flaw was found in the Thunderbird string to\nfloating point conversion routines. An HTML mail message containing\nmalicious JavaScript could crash Thunderbird or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2009-0689)\n\nA use-after-free flaw was found in Thunderbird. Under low memory\nconditions, viewing an HTML mail message containing malicious content could\nresult in Thunderbird executing arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-1571)\n\nA flaw was found in the way Thunderbird created temporary file names for\ndownloaded files. If a local attacker knows the name of a file Thunderbird\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the way Thunderbird displayed a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differed from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that is different from what the user expected.\n(CVE-2009-3376)\n\nA flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A\nmalicious SOCKS5 server could send a specially-crafted reply that would\ncause Thunderbird to crash. (CVE-2009-2470)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were\nnot informative. An attacker able to trick a user into installing a\nmalicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it possible\nto trick the user into believing they are viewing trusted content or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2009-3076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028622.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-March/028623.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "edition": 5, "modified": "2010-03-26T20:37:29", "published": "2010-03-26T20:37:29", "href": "http://lists.centos.org/pipermail/centos-announce/2010-March/028622.html", "id": "CESA-2010:0153", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-12-11T13:32:24", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0689", "CVE-2009-1563", "CVE-2009-3274", "CVE-2009-3375", "CVE-2009-3376", "CVE-2009-3380", "CVE-2009-3384", "CVE-2009-3385"], "description": "SeaMonkey is an open source Web browser, email and newsgroup client, IRC\nchat client, and HTML editor.\n\nA flaw was found in the way SeaMonkey creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file SeaMonkey is\ngoing to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA heap-based buffer overflow flaw was found in the SeaMonkey string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash SeaMonkey or, potentially, execute arbitrary code\nwith the privileges of the user running SeaMonkey. (CVE-2009-1563)\n\nA flaw was found in the way SeaMonkey handles text selection. A malicious\nwebsite may be able to read highlighted text in a different domain (e.g.\nanother website the user is viewing), bypassing the same-origin policy.\n(CVE-2009-3375)\n\nA flaw was found in the way SeaMonkey displays a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differs from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that differs from what the user expected.\n(CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nSeaMonkey. (CVE-2009-3380)\n\nAll SeaMonkey users should upgrade to these updated packages, which correct\nthese issues. After installing the update, SeaMonkey must be restarted for\nthe changes to take effect.", "modified": "2019-03-22T23:42:56", "published": "2009-10-27T04:00:00", "id": "RHSA-2009:1531", "href": "https://access.redhat.com/errata/RHSA-2009:1531", "type": "redhat", "title": "(RHSA-2009:1531) Critical: seamonkey security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:32:02", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0689", "CVE-2009-1563", "CVE-2009-3274", "CVE-2009-3370", "CVE-2009-3372", "CVE-2009-3373", "CVE-2009-3374", "CVE-2009-3375", "CVE-2009-3376", "CVE-2009-3380", "CVE-2009-3382", "CVE-2009-3384"], "description": "Mozilla Firefox is an open source Web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox. nspr provides the Netscape\nPortable Runtime (NSPR).\n\nA flaw was found in the way Firefox handles form history. A malicious web\npage could steal saved form data by synthesizing input events, causing the\nbrowser to auto-fill form fields (which could then be read by an attacker).\n(CVE-2009-3370)\n\nA flaw was found in the way Firefox creates temporary file names for\ndownloaded files. If a local attacker knows the name of a file Firefox is\ngoing to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the Firefox Proxy Auto-Configuration (PAC) file\nprocessor. If Firefox loads a malicious PAC file, it could crash Firefox\nor, potentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2009-3372)\n\nA heap-based buffer overflow flaw was found in the Firefox GIF image\nprocessor. A malicious GIF image could crash Firefox or, potentially,\nexecute arbitrary code with the privileges of the user running Firefox.\n(CVE-2009-3373)\n\nA heap-based buffer overflow flaw was found in the Firefox string to\nfloating point conversion routines. A web page containing malicious\nJavaScript could crash Firefox or, potentially, execute arbitrary code with\nthe privileges of the user running Firefox. (CVE-2009-1563)\n\nA flaw was found in the way Firefox handles text selection. A malicious\nwebsite may be able to read highlighted text in a different domain (e.g.\nanother website the user is viewing), bypassing the same-origin policy.\n(CVE-2009-3375)\n\nA flaw was found in the way Firefox displays a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differs from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that differs from what the user expected.\n(CVE-2009-3376)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2009-3374, CVE-2009-3380, CVE-2009-3382)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.0.15. You can find a link to the Mozilla\nadvisories in the References section of this errata.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.0.15, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.", "modified": "2017-09-08T12:17:25", "published": "2009-10-27T04:00:00", "id": "RHSA-2009:1530", "href": "https://access.redhat.com/errata/RHSA-2009:1530", "type": "redhat", "title": "(RHSA-2009:1530) Critical: firefox security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:31:31", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0689", "CVE-2009-1571", "CVE-2009-2462", "CVE-2009-2463", "CVE-2009-2466", "CVE-2009-2470", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077", "CVE-2009-3274", "CVE-2009-3376", "CVE-2009-3380", "CVE-2009-3384", "CVE-2009-3979", "CVE-2010-0159", "CVE-2010-0163", "CVE-2010-0169", "CVE-2010-0171"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466,\nCVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159)\n\nA use-after-free flaw was found in Thunderbird. An attacker could use this\nflaw to crash Thunderbird or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2009-3077)\n\nA heap-based buffer overflow flaw was found in the Thunderbird string to\nfloating point conversion routines. An HTML mail message containing\nmalicious JavaScript could crash Thunderbird or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2009-0689)\n\nA use-after-free flaw was found in Thunderbird. Under low memory\nconditions, viewing an HTML mail message containing malicious content could\nresult in Thunderbird executing arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-1571)\n\nA flaw was found in the way Thunderbird created temporary file names for\ndownloaded files. If a local attacker knows the name of a file Thunderbird\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the way Thunderbird displayed a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differed from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that is different from what the user expected.\n(CVE-2009-3376)\n\nA flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A\nmalicious SOCKS5 server could send a specially-crafted reply that would\ncause Thunderbird to crash. (CVE-2009-2470)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were\nnot informative. An attacker able to trick a user into installing a\nmalicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it possible\nto trick the user into believing they are viewing trusted content or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2009-3076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "modified": "2017-09-08T11:54:16", "published": "2010-03-17T04:00:00", "id": "RHSA-2010:0153", "href": "https://access.redhat.com/errata/RHSA-2010:0153", "type": "redhat", "title": "(RHSA-2010:0153) Moderate: thunderbird security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-11T13:31:13", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0689", "CVE-2009-1571", "CVE-2009-2462", "CVE-2009-2463", "CVE-2009-2466", "CVE-2009-2470", "CVE-2009-3072", "CVE-2009-3075", "CVE-2009-3076", "CVE-2009-3077", "CVE-2009-3274", "CVE-2009-3376", "CVE-2009-3380", "CVE-2009-3384", "CVE-2009-3979", "CVE-2010-0159", "CVE-2010-0163", "CVE-2010-0169", "CVE-2010-0171"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML mail content.\nAn HTML mail message containing malicious content could cause Thunderbird\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2466,\nCVE-2009-3072, CVE-2009-3075, CVE-2009-3380, CVE-2009-3979, CVE-2010-0159)\n\nA use-after-free flaw was found in Thunderbird. An attacker could use this\nflaw to crash Thunderbird or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2009-3077)\n\nA heap-based buffer overflow flaw was found in the Thunderbird string to\nfloating point conversion routines. An HTML mail message containing\nmalicious JavaScript could crash Thunderbird or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2009-0689)\n\nA use-after-free flaw was found in Thunderbird. Under low memory\nconditions, viewing an HTML mail message containing malicious content could\nresult in Thunderbird executing arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2009-1571)\n\nA flaw was found in the way Thunderbird created temporary file names for\ndownloaded files. If a local attacker knows the name of a file Thunderbird\nis going to download, they can replace the contents of that file with\narbitrary contents. (CVE-2009-3274)\n\nA flaw was found in the way Thunderbird displayed a right-to-left override\ncharacter when downloading a file. In these cases, the name displayed in\nthe title bar differed from the name displayed in the dialog body. An\nattacker could use this flaw to trick a user into downloading a file that\nhas a file name or extension that is different from what the user expected.\n(CVE-2009-3376)\n\nA flaw was found in the way Thunderbird processed SOCKS5 proxy replies. A\nmalicious SOCKS5 server could send a specially-crafted reply that would\ncause Thunderbird to crash. (CVE-2009-2470)\n\nDescriptions in the dialogs when adding and removing PKCS #11 modules were\nnot informative. An attacker able to trick a user into installing a\nmalicious PKCS #11 module could use this flaw to install their own\nCertificate Authority certificates on a user's machine, making it possible\nto trick the user into believing they are viewing trusted content or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2009-3076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "modified": "2017-09-08T12:12:36", "published": "2010-03-17T04:00:00", "id": "RHSA-2010:0154", "href": "https://access.redhat.com/errata/RHSA-2010:0154", "type": "redhat", "title": "(RHSA-2010:0154) Moderate: thunderbird security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
