Mozilla Products Multiple Vulnerabilities jul-10 (Windows)
2010-07-26T00:00:00
ID OPENVAS:1361412562310801387 Type openvas Reporter Copyright (c) 2010 Greenbone Networks GmbH Modified 2018-12-04T00:00:00
Description
The host is installed with Mozilla Firefox/Thunderbird that are prone to
multiple vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_mozilla_prdts_mult_vuln_win02_jul10.nasl 12653 2018-12-04 15:31:25Z cfischer $
#
# Mozilla Products Multiple Vulnerabilities jul-10 (Windows)
#
# Authors:
# Antu Sanadi <santu@secpod.com>
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.801387");
script_version("$Revision: 12653 $");
script_tag(name:"last_modification", value:"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $");
script_tag(name:"creation_date", value:"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)");
script_bugtraq_id(41824);
script_cve_id("CVE-2010-1215", "CVE-2010-1207", "CVE-2010-1210");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_name("Mozilla Products Multiple Vulnerabilities jul-10 (Windows)");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2010/mfsa2010-38.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2010/mfsa2010-43.html");
script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2010/mfsa2010-44.html");
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
script_family("General");
script_dependencies("gb_firefox_detect_portable_win.nasl", "gb_thunderbird_detect_portable_win.nasl");
script_mandatory_keys("Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed");
script_tag(name:"impact", value:"Successful exploitation will let attackers to cause a denial of service
or execute arbitrary code or XSS problems.");
script_tag(name:"affected", value:"Firefox version 3.5.x before 3.5.11 and 3.6.x before 3.6.7
Thunderbird version 3.1.x before 3.1.1");
script_tag(name:"insight", value:"The flaws are due to:
- An error in the handling of 'SJOW()' and 'fast()' native function, when
content script which is running in a chrome context accesses a content
object via SJOW.
- An error in the handling of canvas element, can be used to read data from
another site, violating the same-origin policy.The read restriction placed
on a canvas element which has had cross-origin data rendered into it can be
bypassed by retaining a reference to the canvas element's context and
deleting the associated canvas node from the DOM.
- Undefined positions within various 8 bit character encoding's are mapped to
the sequence U+FFFD which when displayed causes the immediately following
character to disappear from the text run.");
script_tag(name:"summary", value:"The host is installed with Mozilla Firefox/Thunderbird that are prone to
multiple vulnerabilities.");
script_tag(name:"solution", value:"Upgrade to Firefox version 3.5.11 or 3.6.7
Upgrade to Thunderbird version 3.0.6 or 3.1.1");
exit(0);
}
include("version_func.inc");
ffVer = get_kb_item("Firefox/Win/Ver");
if(ffVer)
{
if(version_in_range(version:ffVer, test_version:"3.6", test_version2:"3.6.6") ||
version_in_range(version:ffVer, test_version:"3.5", test_version2:"3.5.10"))
{
security_message( port: 0, data: "The target host was found to be vulnerable" );
exit(0);
}
}
tbVer = get_kb_item("Thunderbird/Win/Ver");
if(tbVer)
{
if(version_is_equal(version:tbVer, test_version:"3.1.0")){
security_message( port: 0, data: "The target host was found to be vulnerable" );
}
}
{"id": "OPENVAS:1361412562310801387", "bulletinFamily": "scanner", "title": "Mozilla Products Multiple Vulnerabilities jul-10 (Windows)", "description": "The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.", "published": "2010-07-26T00:00:00", "modified": "2018-12-04T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801387", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-44.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-43.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-38.html"], "cvelist": ["CVE-2010-1210", "CVE-2010-1207", "CVE-2010-1215"], "type": "openvas", "lastseen": "2019-05-29T18:40:07", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2010-1210", "CVE-2010-1207", "CVE-2010-1215"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.", "edition": 7, "enchantments": {"dependencies": {"modified": "2018-12-05T13:46:25", "references": [{"idList": ["8C2EA875-9499-11DF-8E32-000F20797EDE"], "type": "freebsd"}, {"idList": ["MOZILLA_FIREFOX_367.NASL", "FEDORA_2010-11379.NASL", "FREEBSD_PKG_8C2EA875949911DF8E32000F20797EDE.NASL", "CENTOS_RHSA-2010-0546.NASL", "REDHAT-RHSA-2010-0546.NASL", "FEDORA_2010-11345.NASL", "CENTOS_RHSA-2010-0547.NASL", "UBUNTU_USN-957-2.NASL", "MOZILLA_THUNDERBIRD_311.NASL", "UBUNTU_USN-957-1.NASL"], "type": "nessus"}, {"idList": ["RHSA-2010:0547"], "type": "redhat"}, {"idList": ["ELSA-2010-0547"], "type": "oraclelinux"}, {"idList": ["OPENVAS:801387", "OPENVAS:862278", "OPENVAS:1361412562310862261", "OPENVAS:862258", "OPENVAS:67871", "OPENVAS:850138", "OPENVAS:1361412562310862278", "OPENVAS:1361412562310862259", "OPENVAS:862259", "OPENVAS:1361412562310880628"], "type": "openvas"}, {"idList": ["USN-930-5", "USN-930-4", "USN-957-2", "USN-957-1"], "type": "ubuntu"}, {"idList": ["SSV:19989", "SSV:19992", "SSV:19990"], "type": "seebug"}, {"idList": ["SUSE-SA:2010:032"], "type": "suse"}, {"idList": ["GLSA-201301-01"], "type": "gentoo"}, {"idList": ["CESA-2010:0547"], "type": "centos"}, {"idList": ["SECURITYVULNS:VULN:11014", "SECURITYVULNS:DOC:24316", "SECURITYVULNS:DOC:24317", "SECURITYVULNS:DOC:24311"], "type": "securityvulns"}, {"idList": ["CVE-2010-1210", "CVE-2010-1207", "CVE-2010-1215"], "type": "cve"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "hash": "3c2ca1389bcbdffa7169456179a231ecb8ea0c304f4ae487aab1677892619f8a", "hashmap": [{"hash": "5b7d491cf70365a6a7c1f7c556ef93ab", "key": "href"}, {"hash": "f5a7c6fbed7d69b9366f07e021ae8bd3", "key": "modified"}, {"hash": "0e4c990eabdb91629286fe4b67400a1d", "key": "sourceData"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "1ab7766b7f7d96021653deb2eda0d0ba", "key": "published"}, {"hash": "0e067ad3c15f9820fe66c52d4798e69a", "key": "title"}, {"hash": "abd763a1f10bb5d5e8c71555f7292bcf", "key": "description"}, {"hash": "181b0d5b600ff5b7de33a4a41c7b8f9d", "key": "cvelist"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "d2d7d64ffa3a0fe36600c71a106177e9", "key": "pluginID"}, {"hash": "82db6d7eefdc19955bb78be9fb178ae1", "key": "reporter"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "cf58250a6fe02334a1d23e86380a9448", "key": "references"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801387", "id": "OPENVAS:1361412562310801387", "lastseen": "2018-12-05T13:46:25", "modified": "2018-12-04T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310801387", "published": "2010-07-26T00:00:00", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-44.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-43.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-38.html"], "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_mult_vuln_win02_jul10.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Mozilla Products Multiple Vulnerabilities jul-10 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801387\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)\");\n script_bugtraq_id(41824);\n script_cve_id(\"CVE-2010-1215\", \"CVE-2010-1207\", \"CVE-2010-1210\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mozilla Products Multiple Vulnerabilities jul-10 (Windows)\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-38.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-43.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-44.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\", \"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let attackers to cause a denial of service\n or execute arbitrary code or XSS problems.\");\n\n script_tag(name:\"affected\", value:\"Firefox version 3.5.x before 3.5.11 and 3.6.x before 3.6.7\n Thunderbird version 3.1.x before 3.1.1\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to:\n\n - An error in the handling of 'SJOW()' and 'fast()' native function, when\n content script which is running in a chrome context accesses a content\n object via SJOW.\n\n - An error in the handling of canvas element, can be used to read data from\n another site, violating the same-origin policy.The read restriction placed\n on a canvas element which has had cross-origin data rendered into it can be\n bypassed by retaining a reference to the canvas element's context and\n deleting the associated canvas node from the DOM.\n\n - Undefined positions within various 8 bit character encoding's are mapped to\n the sequence U+FFFD which when displayed causes the immediately following\n character to disappear from the text run.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Firefox version 3.5.11 or 3.6.7\n\n Upgrade to Thunderbird version 3.0.6 or 3.1.1\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n if(version_in_range(version:ffVer, test_version:\"3.6\", test_version2:\"3.6.6\") ||\n version_in_range(version:ffVer, test_version:\"3.5\", test_version2:\"3.5.10\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer)\n{\n if(version_is_equal(version:tbVer, test_version:\"3.1.0\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "title": "Mozilla Products Multiple Vulnerabilities jul-10 (Windows)", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 7, "lastseen": "2018-12-05T13:46:25"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2010-1210", "CVE-2010-1207", "CVE-2010-1215"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.", "edition": 6, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "998c22f627c63fcf75f6cbd93e28e9a8cb7c4a2fcde01fc3b5462a72b68e30fb", "hashmap": [{"hash": "5b7d491cf70365a6a7c1f7c556ef93ab", "key": "href"}, {"hash": "ffa8fa6bb2b3b314e7017c757a504d46", "key": "sourceData"}, {"hash": "972127e56bbc7305ccf432db040aca2f", "key": "modified"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "1ab7766b7f7d96021653deb2eda0d0ba", "key": "published"}, {"hash": "0e067ad3c15f9820fe66c52d4798e69a", "key": "title"}, {"hash": "abd763a1f10bb5d5e8c71555f7292bcf", "key": "description"}, {"hash": "181b0d5b600ff5b7de33a4a41c7b8f9d", "key": "cvelist"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "d2d7d64ffa3a0fe36600c71a106177e9", "key": "pluginID"}, {"hash": "82db6d7eefdc19955bb78be9fb178ae1", "key": "reporter"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "cf58250a6fe02334a1d23e86380a9448", "key": "references"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801387", "id": "OPENVAS:1361412562310801387", "lastseen": "2018-09-02T00:05:14", "modified": "2018-06-08T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310801387", "published": "2010-07-26T00:00:00", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-44.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-43.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-38.html"], "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_mult_vuln_win02_jul10.nasl 10135 2018-06-08 11:42:28Z asteins $\n#\n# Mozilla Products Multiple Vulnerabilities jul-10 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801387\");\n script_version(\"$Revision: 10135 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-06-08 13:42:28 +0200 (Fri, 08 Jun 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)\");\n script_bugtraq_id(41824);\n script_cve_id(\"CVE-2010-1215\", \"CVE-2010-1207\", \"CVE-2010-1210\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mozilla Products Multiple Vulnerabilities jul-10 (Windows)\");\n\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-38.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-43.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-44.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\", \"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name : \"impact\" , value : \"Successful exploitation will let attackers to cause a denial of service\n or execute arbitrary code or XSS problems.\n\n Impact Level: Application\");\n script_tag(name : \"affected\" , value : \"Firefox version 3.5.x before 3.5.11 and 3.6.x before 3.6.7\n Thunderbird version 3.1.x before 3.1.1\");\n script_tag(name : \"insight\" , value : \"The flaws are due to:\n\n - An error in the handling of 'SJOW()' and 'fast()' native function, when\n content script which is running in a chrome context accesses a content\n object via SJOW.\n\n - An error in the handling of canvas element, can be used to read data from\n another site, violating the same-origin policy.The read restriction placed\n on a canvas element which has had cross-origin data rendered into it can be\n bypassed by retaining a reference to the canvas element's context and\n deleting the associated canvas node from the DOM.\n\n - Undefined positions within various 8 bit character encoding's are mapped to\n the sequence U+FFFD which when displayed causes the immediately following\n character to disappear from the text run.\");\n script_tag(name : \"summary\" , value : \"The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.\");\n script_tag(name : \"solution\" , value : \"Upgrade to Firefox version 3.5.11 or 3.6.7\n http://www.mozilla.com/en-US/firefox/all.html\n\n Upgrade to Thunderbird version 3.0.6 or 3.1.1\n http://www.mozillamessaging.com/en-US/thunderbird/\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n if(version_in_range(version:ffVer, test_version:\"3.6\", test_version2:\"3.6.6\") ||\n version_in_range(version:ffVer, test_version:\"3.5\", test_version2:\"3.5.10\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\n## Thunderbird Check\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer != NULL)\n{\n if(version_is_equal(version:tbVer, test_version:\"3.1.0\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "title": "Mozilla Products Multiple Vulnerabilities jul-10 (Windows)", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 6, "lastseen": "2018-09-02T00:05:14"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2010-1210", "CVE-2010-1207", "CVE-2010-1215"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "716cbc557f5a4009c5d43e221473e0bc7dd37a0206e09f98b2796010d81fda55", "hashmap": [{"hash": "5b7d491cf70365a6a7c1f7c556ef93ab", "key": "href"}, {"hash": "9c0f6b61ee4a8467d03632382ff5efa2", "key": "modified"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "1ab7766b7f7d96021653deb2eda0d0ba", "key": "published"}, {"hash": "0e067ad3c15f9820fe66c52d4798e69a", "key": "title"}, {"hash": "abd763a1f10bb5d5e8c71555f7292bcf", "key": "description"}, {"hash": "181b0d5b600ff5b7de33a4a41c7b8f9d", "key": "cvelist"}, {"hash": "fe0b9469287ee56f933eba39f0a16434", "key": "sourceData"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "d2d7d64ffa3a0fe36600c71a106177e9", "key": "pluginID"}, {"hash": "82db6d7eefdc19955bb78be9fb178ae1", "key": "reporter"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "cf58250a6fe02334a1d23e86380a9448", "key": "references"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801387", "id": "OPENVAS:1361412562310801387", "lastseen": "2018-03-26T20:48:56", "modified": "2018-03-23T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310801387", "published": "2010-07-26T00:00:00", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-44.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-43.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-38.html"], "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_mult_vuln_win02_jul10.nasl 9193 2018-03-23 15:15:44Z cfischer $\n#\n# Mozilla Products Multiple Vulnerabilities jul-10 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Upgrade to Firefox version 3.5.11 or 3.6.7\n http://www.mozilla.com/en-US/firefox/all.html\n\n Upgrade to Thunderbird version 3.0.6 or 3.1.1\n http://www.mozillamessaging.com/en-US/thunderbird/\";\n\ntag_impact = \"Successful exploitation will let attackers to cause a denial of service\n or execute arbitrary code or XSS problems.\n\n Impact Level: Application\";\ntag_affected = \"Firefox version 3.5.x before 3.5.11 and 3.6.x before 3.6.7\n Thunderbird version 3.1.x before 3.1.1\";\n\ntag_insight = \"The flaws are due to:\n\n - An error in the handling of 'SJOW()' and 'fast()' native function, when\n content script which is running in a chrome context accesses a content\n object via SJOW.\n\n - An error in the handling of canvas element, can be used to read data from\n another site, violating the same-origin policy.The read restriction placed\n on a canvas element which has had cross-origin data rendered into it can be\n bypassed by retaining a reference to the canvas element's context and\n deleting the associated canvas node from the DOM.\n\n - Undefined positions within various 8 bit character encoding's are mapped to\n the sequence U+FFFD which when displayed causes the immediately following\n character to disappear from the text run.\";\n\ntag_summary = \"The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801387\");\n script_version(\"$Revision: 9193 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-03-23 16:15:44 +0100 (Fri, 23 Mar 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)\");\n script_bugtraq_id(41824);\n script_cve_id(\"CVE-2010-1215\", \"CVE-2010-1207\", \"CVE-2010-1210\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mozilla Products Multiple Vulnerabilities jul-10 (Windows)\");\n\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-38.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-43.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-44.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\", \"gb_thunderbird_detect_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Firefox Check\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n ## Grep for Firefox version 3.5 < 3.5.11, 3.6 < 3.6.2\n if(version_in_range(version:ffVer, test_version:\"3.6\", test_version2:\"3.6.6\") ||\n version_in_range(version:ffVer, test_version:\"3.5\", test_version2:\"3.5.10\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n## Thunderbird Check\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer != NULL)\n{\n ## Grep for Thunderbird version 3.1.0\n if(version_is_equal(version:tbVer, test_version:\"3.1.0\")){\n security_message(0);\n }\n}\n", "title": "Mozilla Products Multiple Vulnerabilities jul-10 (Windows)", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2018-03-26T20:48:56"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2010-1210", "CVE-2010-1207", "CVE-2010-1215"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "998c22f627c63fcf75f6cbd93e28e9a8cb7c4a2fcde01fc3b5462a72b68e30fb", "hashmap": [{"hash": "5b7d491cf70365a6a7c1f7c556ef93ab", "key": "href"}, {"hash": "ffa8fa6bb2b3b314e7017c757a504d46", "key": "sourceData"}, {"hash": "972127e56bbc7305ccf432db040aca2f", "key": "modified"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "1ab7766b7f7d96021653deb2eda0d0ba", "key": "published"}, {"hash": "0e067ad3c15f9820fe66c52d4798e69a", "key": "title"}, {"hash": "abd763a1f10bb5d5e8c71555f7292bcf", "key": "description"}, {"hash": "181b0d5b600ff5b7de33a4a41c7b8f9d", "key": "cvelist"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "d2d7d64ffa3a0fe36600c71a106177e9", "key": "pluginID"}, {"hash": "82db6d7eefdc19955bb78be9fb178ae1", "key": "reporter"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "cf58250a6fe02334a1d23e86380a9448", "key": "references"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801387", "id": "OPENVAS:1361412562310801387", "lastseen": "2018-06-08T19:01:45", "modified": "2018-06-08T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310801387", "published": "2010-07-26T00:00:00", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-44.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-43.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-38.html"], "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_mult_vuln_win02_jul10.nasl 10135 2018-06-08 11:42:28Z asteins $\n#\n# Mozilla Products Multiple Vulnerabilities jul-10 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801387\");\n script_version(\"$Revision: 10135 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-06-08 13:42:28 +0200 (Fri, 08 Jun 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)\");\n script_bugtraq_id(41824);\n script_cve_id(\"CVE-2010-1215\", \"CVE-2010-1207\", \"CVE-2010-1210\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mozilla Products Multiple Vulnerabilities jul-10 (Windows)\");\n\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-38.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-43.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-44.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\", \"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name : \"impact\" , value : \"Successful exploitation will let attackers to cause a denial of service\n or execute arbitrary code or XSS problems.\n\n Impact Level: Application\");\n script_tag(name : \"affected\" , value : \"Firefox version 3.5.x before 3.5.11 and 3.6.x before 3.6.7\n Thunderbird version 3.1.x before 3.1.1\");\n script_tag(name : \"insight\" , value : \"The flaws are due to:\n\n - An error in the handling of 'SJOW()' and 'fast()' native function, when\n content script which is running in a chrome context accesses a content\n object via SJOW.\n\n - An error in the handling of canvas element, can be used to read data from\n another site, violating the same-origin policy.The read restriction placed\n on a canvas element which has had cross-origin data rendered into it can be\n bypassed by retaining a reference to the canvas element's context and\n deleting the associated canvas node from the DOM.\n\n - Undefined positions within various 8 bit character encoding's are mapped to\n the sequence U+FFFD which when displayed causes the immediately following\n character to disappear from the text run.\");\n script_tag(name : \"summary\" , value : \"The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.\");\n script_tag(name : \"solution\" , value : \"Upgrade to Firefox version 3.5.11 or 3.6.7\n http://www.mozilla.com/en-US/firefox/all.html\n\n Upgrade to Thunderbird version 3.0.6 or 3.1.1\n http://www.mozillamessaging.com/en-US/thunderbird/\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n if(version_in_range(version:ffVer, test_version:\"3.6\", test_version2:\"3.6.6\") ||\n version_in_range(version:ffVer, test_version:\"3.5\", test_version2:\"3.5.10\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\n## Thunderbird Check\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer != NULL)\n{\n if(version_is_equal(version:tbVer, test_version:\"3.1.0\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "title": "Mozilla Products Multiple Vulnerabilities jul-10 (Windows)", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-06-08T19:01:45"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2010-1210", "CVE-2010-1207", "CVE-2010-1215"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.", "edition": 1, "enchantments": {"score": {"modified": "2018-01-19T15:04:29", "value": 2.8, "vector": "AV:N/AC:M/Au:M/C:N/I:P/A:N/"}}, "hash": "8a3371ba36f395c78943e209928cf56ccf14a54cfcfa54066fd751e4d5dcf998", "hashmap": [{"hash": "5b7d491cf70365a6a7c1f7c556ef93ab", "key": "href"}, {"hash": "0db377921f4ce762c62526131097968f", "key": "naslFamily"}, {"hash": "1ab7766b7f7d96021653deb2eda0d0ba", "key": "published"}, {"hash": "abd763a1f10bb5d5e8c71555f7292bcf", "key": "description"}, {"hash": "181b0d5b600ff5b7de33a4a41c7b8f9d", "key": "cvelist"}, {"hash": "52c16c84b35dd8a3bba0c105f5d52c48", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "2bd1a888d4d32830ca7e123d42f56c1e", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "d2d7d64ffa3a0fe36600c71a106177e9", "key": "pluginID"}, {"hash": "82db6d7eefdc19955bb78be9fb178ae1", "key": "reporter"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "cf58250a6fe02334a1d23e86380a9448", "key": "references"}, {"hash": "5184dddbc601dbf190d2e39e9cf869c4", "key": "sourceData"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801387", "id": "OPENVAS:1361412562310801387", "lastseen": "2018-01-19T15:04:29", "modified": "2018-01-18T00:00:00", "naslFamily": "General", "objectVersion": "1.3", "pluginID": "1361412562310801387", "published": "2010-07-26T00:00:00", "references": ["http://www.mozilla.org/security/announce/2010/mfsa2010-44.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-43.html", "http://www.mozilla.org/security/announce/2010/mfsa2010-38.html"], "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_mult_vuln_win02_jul10.nasl 8457 2018-01-18 07:58:32Z teissa $\n#\n# Mozilla Products Multiple Vulnerabilitie jul-10 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Upgrade to Firefox version 3.5.11 or 3.6.7\n http://www.mozilla.com/en-US/firefox/all.html\n\n Upgrade to Thunderbird version 3.0.6 or 3.1.1\n http://www.mozillamessaging.com/en-US/thunderbird/\";\n\ntag_impact = \"Successful exploitation will let attackers to cause a denial of service\n or execute arbitrary code or XSS problems.\n Impact Level: Application\";\ntag_affected = \"Firefox version 3.5.x before 3.5.11 and 3.6.x before 3.6.7\n Thunderbird version 3.1.x before 3.1.1\";\ntag_insight = \"The flaws are due to:\n - An error in the handling of 'SJOW()' and 'fast()' native function, when\n content script which is running in a chrome context accesses a content\n object via SJOW.\n - An error in the handling of canvas element, can be used to read data from\n another site, violating the same-origin policy.The read restriction placed\n on a canvas element which has had cross-origin data rendered into it can be\n bypassed by retaining a reference to the canvas element's context and\n deleting the associated canvas node from the DOM.\n - Undefined positions within various 8 bit character encoding's are mapped to\n the sequence U+FFFD which when displayed causes the immediately following\n character to disappear from the text run.\";\ntag_summary = \"The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801387\");\n script_version(\"$Revision: 8457 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 08:58:32 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)\");\n script_bugtraq_id(41824);\n script_cve_id(\"CVE-2010-1215\", \"CVE-2010-1207\", \"CVE-2010-1210\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mozilla Products Multiple Vulnerabilitie jul-10 (Windows)\");\n\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-38.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-43.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-44.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\", \"gb_thunderbird_detect_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Firefox Check\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n ## Grep for Firefox version 3.5 < 3.5.11, 3.6 < 3.6.2\n if(version_in_range(version:ffVer, test_version:\"3.6\", test_version2:\"3.6.6\") ||\n version_in_range(version:ffVer, test_version:\"3.5\", test_version2:\"3.5.10\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n## Thunderbird Check\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer != NULL)\n{\n ## Grep for Thunderbird version 3.1.0\n if(version_is_equal(version:tbVer, test_version:\"3.1.0\")){\n security_message(0);\n }\n}\n", "title": "Mozilla Products Multiple Vulnerabilitie jul-10 (Windows)", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData", "title"], "edition": 1, "lastseen": "2018-01-19T15:04:29"}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "181b0d5b600ff5b7de33a4a41c7b8f9d"}, {"key": "cvss", "hash": "4cac367be6dd8242802053610be9dee6"}, {"key": "description", "hash": "abd763a1f10bb5d5e8c71555f7292bcf"}, {"key": "href", "hash": "5b7d491cf70365a6a7c1f7c556ef93ab"}, {"key": "modified", "hash": "f5a7c6fbed7d69b9366f07e021ae8bd3"}, {"key": "naslFamily", "hash": "0db377921f4ce762c62526131097968f"}, {"key": "pluginID", "hash": "d2d7d64ffa3a0fe36600c71a106177e9"}, {"key": "published", "hash": "1ab7766b7f7d96021653deb2eda0d0ba"}, {"key": "references", "hash": "cf58250a6fe02334a1d23e86380a9448"}, {"key": "reporter", "hash": "82db6d7eefdc19955bb78be9fb178ae1"}, {"key": "sourceData", "hash": "0e4c990eabdb91629286fe4b67400a1d"}, {"key": "title", "hash": "0e067ad3c15f9820fe66c52d4798e69a"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "1941774a97fa6b918b0e956310ad26df7ec2a593460fedfef02c5ad1e1de3581", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-1215", "CVE-2010-1207", "CVE-2010-1210"]}, {"type": "openvas", "idList": ["OPENVAS:801387", "OPENVAS:1361412562310862278", "OPENVAS:862278", "OPENVAS:1361412562310862259", "OPENVAS:862259", "OPENVAS:1361412562310880628", "OPENVAS:1361412562310862261", "OPENVAS:1361412562310862269", "OPENVAS:1361412562310850138", "OPENVAS:880628"]}, {"type": "seebug", "idList": ["SSV:19992", "SSV:19989", "SSV:19990"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:24316", "SECURITYVULNS:DOC:24311", "SECURITYVULNS:DOC:24317", "SECURITYVULNS:VULN:11014"]}, {"type": "nessus", "idList": ["FEDORA_2010-11379.NASL", "MOZILLA_THUNDERBIRD_311.NASL", "ORACLELINUX_ELSA-2010-0546.NASL", "ORACLELINUX_ELSA-2010-0547.NASL", "REDHAT-RHSA-2010-0547.NASL", "FEDORA_2010-11345.NASL", "UBUNTU_USN-957-2.NASL", "CENTOS_RHSA-2010-0546.NASL", "CENTOS_RHSA-2010-0547.NASL", "UBUNTU_USN-957-1.NASL"]}, {"type": "freebsd", "idList": ["8C2EA875-9499-11DF-8E32-000F20797EDE"]}, {"type": "ubuntu", "idList": ["USN-957-2", "USN-957-1", "USN-930-4", "USN-930-5"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0547"]}, {"type": "suse", "idList": ["SUSE-SA:2010:032"]}, {"type": "centos", "idList": ["CESA-2010:0547"]}, {"type": "redhat", "idList": ["RHSA-2010:0547"]}, {"type": "gentoo", "idList": ["GLSA-201301-01"]}], "modified": "2019-05-29T18:40:07"}, "score": {"value": 8.2, "vector": "NONE", "modified": "2019-05-29T18:40:07"}, "vulnersScore": 8.2}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_mult_vuln_win02_jul10.nasl 12653 2018-12-04 15:31:25Z cfischer $\n#\n# Mozilla Products Multiple Vulnerabilities jul-10 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801387\");\n script_version(\"$Revision: 12653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-04 16:31:25 +0100 (Tue, 04 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)\");\n script_bugtraq_id(41824);\n script_cve_id(\"CVE-2010-1215\", \"CVE-2010-1207\", \"CVE-2010-1210\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mozilla Products Multiple Vulnerabilities jul-10 (Windows)\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-38.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-43.html\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2010/mfsa2010-44.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\", \"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let attackers to cause a denial of service\n or execute arbitrary code or XSS problems.\");\n\n script_tag(name:\"affected\", value:\"Firefox version 3.5.x before 3.5.11 and 3.6.x before 3.6.7\n Thunderbird version 3.1.x before 3.1.1\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to:\n\n - An error in the handling of 'SJOW()' and 'fast()' native function, when\n content script which is running in a chrome context accesses a content\n object via SJOW.\n\n - An error in the handling of canvas element, can be used to read data from\n another site, violating the same-origin policy.The read restriction placed\n on a canvas element which has had cross-origin data rendered into it can be\n bypassed by retaining a reference to the canvas element's context and\n deleting the associated canvas node from the DOM.\n\n - Undefined positions within various 8 bit character encoding's are mapped to\n the sequence U+FFFD which when displayed causes the immediately following\n character to disappear from the text run.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Firefox version 3.5.11 or 3.6.7\n\n Upgrade to Thunderbird version 3.0.6 or 3.1.1\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n if(version_in_range(version:ffVer, test_version:\"3.6\", test_version2:\"3.6.6\") ||\n version_in_range(version:ffVer, test_version:\"3.5\", test_version2:\"3.5.10\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer)\n{\n if(version_is_equal(version:tbVer, test_version:\"3.1.0\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "naslFamily": "General", "pluginID": "1361412562310801387", "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:10:27", "bulletinFamily": "NVD", "description": "Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper (aka SJOW) wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging \"access to an object from the chrome scope.\"", "modified": "2017-09-19T01:30:00", "id": "CVE-2010-1215", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1215", "published": "2010-07-30T20:30:00", "title": "CVE-2010-1215", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:10:27", "bulletinFamily": "NVD", "description": "intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 inserts a U+FFFD sequence into text in certain circumstances involving undefined positions, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted 8-bit text.", "modified": "2017-09-19T01:30:00", "id": "CVE-2010-1210", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1210", "published": "2010-07-30T20:30:00", "title": "CVE-2010-1210", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:10:27", "bulletinFamily": "NVD", "description": "Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote attackers to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.", "modified": "2017-09-19T01:30:00", "id": "CVE-2010-1207", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1207", "published": "2010-07-30T20:30:00", "title": "CVE-2010-1207", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2017-07-12T10:50:00", "bulletinFamily": "scanner", "description": "The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.", "modified": "2017-06-27T00:00:00", "published": "2010-07-26T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=801387", "id": "OPENVAS:801387", "title": "Mozilla Products Multiple Vulnerabilitie jul-10 (Windows)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_mult_vuln_win02_jul10.nasl 6444 2017-06-27 11:24:02Z santu $\n#\n# Mozilla Products Multiple Vulnerabilitie jul-10 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Upgrade to Firefox version 3.5.11 or 3.6.7\n http://www.mozilla.com/en-US/firefox/all.html\n\n Upgrade to Thunderbird version 3.0.6 or 3.1.1\n http://www.mozillamessaging.com/en-US/thunderbird/\";\n\ntag_impact = \"Successful exploitation will let attackers to cause a denial of service\n or execute arbitrary code or XSS problems.\n Impact Level: Application\";\ntag_affected = \"Firefox version 3.5.x before 3.5.11 and 3.6.x before 3.6.7\n Thunderbird version 3.1.x before 3.1.1\";\ntag_insight = \"The flaws are due to:\n - An error in the handling of 'SJOW()' and 'fast()' native function, when\n content script which is running in a chrome context accesses a content\n object via SJOW.\n - An error in the handling of canvas element, can be used to read data from\n another site, violating the same-origin policy.The read restriction placed\n on a canvas element which has had cross-origin data rendered into it can be\n bypassed by retaining a reference to the canvas element's context and\n deleting the associated canvas node from the DOM.\n - Undefined positions within various 8 bit character encoding's are mapped to\n the sequence U+FFFD which when displayed causes the immediately following\n character to disappear from the text run.\";\ntag_summary = \"The host is installed with Mozilla Firefox/Thunderbird that are prone to\n multiple vulnerabilities.\";\n\nif(description)\n{\n script_id(801387);\n script_version(\"$Revision: 6444 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-06-27 13:24:02 +0200 (Tue, 27 Jun 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)\");\n script_bugtraq_id(41824);\n script_cve_id(\"CVE-2010-1215\", \"CVE-2010-1207\", \"CVE-2010-1210\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mozilla Products Multiple Vulnerabilitie jul-10 (Windows)\");\n\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-38.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-43.html\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2010/mfsa2010-44.html\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\", \"gb_thunderbird_detect_win.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Installed\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Firefox Check\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(ffVer)\n{\n ## Grep for Firefox version 3.5 < 3.5.11, 3.6 < 3.6.2\n if(version_in_range(version:ffVer, test_version:\"3.6\", test_version2:\"3.6.6\") ||\n version_in_range(version:ffVer, test_version:\"3.5\", test_version2:\"3.5.10\"))\n {\n security_message(0);\n exit(0);\n }\n}\n\n## Thunderbird Check\ntbVer = get_kb_item(\"Thunderbird/Win/Ver\");\nif(tbVer != NULL)\n{\n ## Grep for Thunderbird version 3.1.0\n if(version_is_equal(version:tbVer, test_version:\"3.1.0\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-18T10:58:32", "bulletinFamily": "scanner", "description": "Check for the Version of thunderbird", "modified": "2017-12-18T00:00:00", "published": "2010-07-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862278", "id": "OPENVAS:862278", "title": "Fedora Update for thunderbird FEDORA-2010-11379", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2010-11379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird on Fedora 13\";\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044487.html\");\n script_id(862278);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-23 16:10:25 +0200 (Fri, 23 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-11379\");\n script_cve_id(\"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1215\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-1205\", \"CVE-2010-1213\", \"CVE-2010-1207\", \"CVE-2010-1210\", \"CVE-2010-0654\", \"CVE-2010-2754\");\n script_name(\"Fedora Update for thunderbird FEDORA-2010-11379\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~3.1.1~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:05:08", "bulletinFamily": "scanner", "description": "Check for the Version of sunbird", "modified": "2018-01-18T00:00:00", "published": "2010-07-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862259", "id": "OPENVAS:1361412562310862259", "type": "openvas", "title": "Fedora Update for sunbird FEDORA-2010-11379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for sunbird FEDORA-2010-11379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"sunbird on Fedora 13\";\ntag_insight = \"Mozilla Sunbird is a cross-platform calendar application, built upon\n Mozilla Toolkit. It brings Mozilla-style ease-of-use to your\n calendar, without tying you to a particular storage solution.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044488.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862259\");\n script_version(\"$Revision: 8457 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 08:58:32 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-23 16:10:25 +0200 (Fri, 23 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-11379\");\n script_cve_id(\"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1215\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-1205\", \"CVE-2010-1213\", \"CVE-2010-1207\", \"CVE-2010-1210\", \"CVE-2010-0654\", \"CVE-2010-2754\");\n script_name(\"Fedora Update for sunbird FEDORA-2010-11379\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of sunbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"sunbird\", rpm:\"sunbird~1.0~0.26.b2pre.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:04:51", "bulletinFamily": "scanner", "description": "Check for the Version of thunderbird", "modified": "2018-01-09T00:00:00", "published": "2010-07-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862278", "id": "OPENVAS:1361412562310862278", "title": "Fedora Update for thunderbird FEDORA-2010-11379", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2010-11379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird on Fedora 13\";\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044487.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862278\");\n script_version(\"$Revision: 8338 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 09:00:38 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-23 16:10:25 +0200 (Fri, 23 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-11379\");\n script_cve_id(\"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1215\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-1205\", \"CVE-2010-1213\", \"CVE-2010-1207\", \"CVE-2010-1210\", \"CVE-2010-0654\", \"CVE-2010-2754\");\n script_name(\"Fedora Update for thunderbird FEDORA-2010-11379\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~3.1.1~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:33:10", "bulletinFamily": "scanner", "description": "Check for the Version of sunbird", "modified": "2017-12-20T00:00:00", "published": "2010-07-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=862259", "id": "OPENVAS:862259", "title": "Fedora Update for sunbird FEDORA-2010-11379", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for sunbird FEDORA-2010-11379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"sunbird on Fedora 13\";\ntag_insight = \"Mozilla Sunbird is a cross-platform calendar application, built upon\n Mozilla Toolkit. It brings Mozilla-style ease-of-use to your\n calendar, without tying you to a particular storage solution.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044488.html\");\n script_id(862259);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-23 16:10:25 +0200 (Fri, 23 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-11379\");\n script_cve_id(\"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1215\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-1205\", \"CVE-2010-1213\", \"CVE-2010-1207\", \"CVE-2010-1210\", \"CVE-2010-0654\", \"CVE-2010-2754\");\n script_name(\"Fedora Update for sunbird FEDORA-2010-11379\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of sunbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"sunbird\", rpm:\"sunbird~1.0~0.26.b2pre.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:45", "bulletinFamily": "scanner", "description": "Check for the Version of firefox", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=880628", "id": "OPENVAS:880628", "title": "CentOS Update for firefox CESA-2010:0547 centos5 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2010:0547 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212,\n CVE-2010-1214, CVE-2010-1215, CVE-2010-2752, CVE-2010-2753)\n \n A memory corruption flaw was found in the way Firefox decoded certain PNG\n images. An attacker could create a specially-crafted PNG image that, when\n opened, could cause Firefox to crash or, potentially, execute arbitrary\n code with the privileges of the user running Firefox. (CVE-2010-1205)\n \n Several same-origin policy bypass flaws were found in Firefox. An attacker\n could create a malicious web page that, when viewed by a victim, could\n steal private data from a different website the victim has loaded with\n Firefox. (CVE-2010-0654, CVE-2010-1207, CVE-2010-1213, CVE-2010-2754)\n \n A flaw was found in the way Firefox presented the location bar to a user. A\n malicious website could trick a user into thinking they are visiting the\n site reported by the location bar, when the page is actually content\n controlled by an attacker. (CVE-2010-1206)\n \n A flaw was found in the way Firefox displayed the location bar when\n visiting a secure web page. A malicious server could use this flaw to\n present data that appears to originate from a secure server, even though it\n does not. (CVE-2010-2751)\n \n A flaw was found in the way Firefox displayed certain malformed characters.\n A malicious web page could use this flaw to bypass certain string\n sanitization methods, allowing it to display malicious information to\n users. (CVE-2010-1210)\n \n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 3.6.7. You can find a link to the Mozilla advisories\n in the References section of this erratum.\n \n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 3.6.7, which corrects these issues. After installing the\n update, Firefox must be restarted for the changes to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"firefox on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-July/016821.html\");\n script_id(880628);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0547\");\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\");\n script_name(\"CentOS Update for firefox CESA-2010:0547 centos5 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.7~2.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.7~2.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.2.7~2.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:38", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880628", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880628", "title": "CentOS Update for firefox CESA-2010:0547 centos5 i386", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2010:0547 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-July/016821.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880628\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2010:0547\");\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\");\n script_name(\"CentOS Update for firefox CESA-2010:0547 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 5\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Several flaws were found in the processing of malformed web content. A web\n page containing malicious content could cause Firefox to crash or,\n potentially, execute arbitrary code with the privileges of the user running\n Firefox. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212,\n CVE-2010-1214, CVE-2010-1215, CVE-2010-2752, CVE-2010-2753)\n\n A memory corruption flaw was found in the way Firefox decoded certain PNG\n images. An attacker could create a specially-crafted PNG image that, when\n opened, could cause Firefox to crash or, potentially, execute arbitrary\n code with the privileges of the user running Firefox. (CVE-2010-1205)\n\n Several same-origin policy bypass flaws were found in Firefox. An attacker\n could create a malicious web page that, when viewed by a victim, could\n steal private data from a different website the victim has loaded with\n Firefox. (CVE-2010-0654, CVE-2010-1207, CVE-2010-1213, CVE-2010-2754)\n\n A flaw was found in the way Firefox presented the location bar to a user. A\n malicious website could trick a user into thinking they are visiting the\n site reported by the location bar, when the page is actually content\n controlled by an attacker. (CVE-2010-1206)\n\n A flaw was found in the way Firefox displayed the location bar when\n visiting a secure web page. A malicious server could use this flaw to\n present data that appears to originate from a secure server, even though it\n does not. (CVE-2010-2751)\n\n A flaw was found in the way Firefox displayed certain malformed characters.\n A malicious web page could use this flaw to bypass certain string\n sanitization methods, allowing it to display malicious information to\n users. (CVE-2010-1210)\n\n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 3.6.7. You can find a link to the Mozilla advisories\n in the References section of this erratum.\n\n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 3.6.7, which corrects these issues. After installing the\n update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~3.6.7~2.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~1.9.2.7~2.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~1.9.2.7~2.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-19T15:04:47", "bulletinFamily": "scanner", "description": "Check for the Version of gnome-python2-extras", "modified": "2018-01-18T00:00:00", "published": "2010-07-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862269", "id": "OPENVAS:1361412562310862269", "type": "openvas", "title": "Fedora Update for gnome-python2-extras FEDORA-2010-11345", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2010-11345\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-python2-extras on Fedora 13\";\ntag_insight = \"The gnome-python-extra package contains the source packages for additional\n Python bindings for GNOME. It should be used together with gnome-python.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044452.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862269\");\n script_version(\"$Revision: 8457 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 08:58:32 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-23 16:10:25 +0200 (Fri, 23 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-11345\");\n script_cve_id(\"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-1205\", \"CVE-2010-1213\", \"CVE-2010-1207\", \"CVE-2010-1210\", \"CVE-2010-1206\", \"CVE-2010-2751\", \"CVE-2010-0654\", \"CVE-2010-2754\");\n script_name(\"Fedora Update for gnome-python2-extras FEDORA-2010-11345\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnome-python2-extras\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.25.3~20.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:41", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-957-1", "modified": "2017-12-29T00:00:00", "published": "2010-07-26T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840463", "id": "OPENVAS:1361412562310840463", "title": "Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-957-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_957_1.nasl 8258 2017-12-29 07:28:57Z teissa $\n#\n# Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-957-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several flaws were discovered in the browser engine of Firefox. If a user\n were tricked into viewing a malicious site, a remote attacker could use\n this to crash the browser or possibly run arbitrary code as the user\n invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,\n CVE-2010-1212)\n\n An integer overflow was discovered in how Firefox processed plugin\n parameters. An attacker could exploit this to crash the browser or possibly\n run arbitrary code as the user invoking the program. (CVE-2010-1214)\n \n A flaw was discovered in the Firefox JavaScript engine. If a user were\n tricked into viewing a malicious site, a remote attacker code execute\n arbitrary JavaScript with chrome privileges. (CVE-2010-1215)\n \n An integer overflow was discovered in how Firefox processed CSS values. An\n attacker could exploit this to crash the browser or possibly run arbitrary\n code as the user invoking the program. (CVE-2010-2752)\n \n An integer overflow was discovered in how Firefox interpreted the XUL\n <tree> element. If a user were tricked into viewing a malicious site, a\n remote attacker could use this to crash the browser or possibly run\n arbitrary code as the user invoking the program. (CVE-2010-2753)\n \n Aki Helin discovered that libpng did not properly handle certain malformed\n PNG images. If a user were tricked into opening a crafted PNG file, an\n attacker could cause a denial of service or possibly execute arbitrary code\n with the privileges of the user invoking the program. (CVE-2010-1205)\n \n Yosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin\n check in Firefox could be bypassed by utilizing the importScripts Web\n Worker method. If a user were tricked into viewing a malicious website, an\n attacker could exploit this to read data from other domains.\n (CVE-2010-1213, CVE-2010-1207)\n \n O. Andersen that Firefox did not properly map undefined positions within\n certain 8 bit encodings. An attacker could utilize this to perform\n cross-site scripting attacks. (CVE-2010-1210)\n \n Michal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no\n content) code. An attacker could exploit this to spoof the location bar,\n such as in a phishing attack. (CVE-2010-1206)\n \n Jordi Chancel discovered that Firefox did not properly handle when a server\n responds to an HTTPS request with plaintext and then processes JavaScript\n history events. An attacker could exploit this to spoof the location bar,\n such as in a phishing attack. (CVE-2010-2751)\n \n Chris Evans discovered that Firef ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-957-1\";\ntag_affected = \"Firefox and Xulrunner vulnerabilities on Ubuntu 8.04 LTS ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-957-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840463\");\n script_version(\"$Revision: 8258 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 08:28:57 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"957-1\");\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\");\n script_name(\"Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-957-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox-branding\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dbg\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support-dbg\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2-dbg\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2-dev\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2-testsuite-dev\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"abrowser-branding\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2-gnome-support\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2-testsuite\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"abrowser\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-2-dbg\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-2-dev\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.5-dbg\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.5-dev\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"abrowser-3.5-branding\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"abrowser-3.5\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-2-dom-inspector\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-2-gnome-support\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-2-libthai\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-2\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.5-branding\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.5-gnome-support\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.5\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"abrowser-branding\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-branding\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dbg\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support-dbg\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2-dbg\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2-dev\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2-gnome-support\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2-testsuite-dev\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-dev\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xulrunner-1.9.2-testsuite\", ver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"abrowser\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.0-dev\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.0-gnome-support\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-3.0\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-granparadiso-dev\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-trunk-dev\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-granparadiso-gnome-support\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-granparadiso\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-trunk-gnome-support\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-trunk\", ver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-19T15:05:20", "bulletinFamily": "scanner", "description": "Check for the Version of mozvoikko", "modified": "2018-01-19T00:00:00", "published": "2010-07-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862261", "id": "OPENVAS:1361412562310862261", "type": "openvas", "title": "Fedora Update for mozvoikko FEDORA-2010-11345", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mozvoikko FEDORA-2010-11345\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"mozvoikko on Fedora 13\";\ntag_insight = \"This is mozvoikko, an extension for Mozilla programs for using the Finnish\n spell-checker Voikko.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044448.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862261\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-23 16:10:25 +0200 (Fri, 23 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-11345\");\n script_cve_id(\"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-1205\", \"CVE-2010-1213\", \"CVE-2010-1207\", \"CVE-2010-1210\", \"CVE-2010-1206\", \"CVE-2010-2751\", \"CVE-2010-0654\", \"CVE-2010-2754\");\n script_name(\"Fedora Update for mozvoikko FEDORA-2010-11345\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of mozvoikko\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozvoikko\", rpm:\"mozvoikko~1.0~12.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:35", "bulletinFamily": "software", "description": "Mozilla Foundation Security Advisory 2010-43\r\n\r\nTitle: Same-origin bypass using canvas context\r\nImpact: High\r\nAnnounced: July 20, 2010\r\nReporter: Vladimir Vukicevic\r\nProducts: Firefox, Thunderbird\r\n\r\nFixed in: Firefox 3.6.7\r\n Thunderbird 3.1.1\r\nDescription\r\n\r\nMozilla developer Vladimir Vukicevic reported that a canvas element can be used to read data from another site, violating the same-origin policy. The read restriction placed on a canvas element which has had cross-origin data rendered into it can be bypassed by retaining a reference to the canvas element's context and deleting the associated canvas node from the DOM.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=571287\r\n * CVE-2010-1207\r\n", "modified": "2010-07-24T00:00:00", "published": "2010-07-24T00:00:00", "id": "SECURITYVULNS:DOC:24316", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24316", "title": "Mozilla Foundation Security Advisory 2010-43", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:35", "bulletinFamily": "software", "description": "Mozilla Foundation Security Advisory 2010-38\r\n\r\nTitle: Arbitrary code execution using SJOW and fast native function\r\nImpact: Critical\r\nAnnounced: July 20, 2010\r\nReporter: moz_bug_r_a4\r\nProducts: Firefox, Thunderbird\r\n\r\nFixed in: Firefox 3.6.7\r\n Thunderbird 3.1.1\r\nDescription\r\n\r\nMozilla security researcher moz_bug_r_a4 reported that when content script which is running in a chrome context accesses a content object via SJOW, the content code can gain access to an object from the chrome scope and use that object to run arbitrary JavaScript with chrome privileges.\r\n\r\nFirefox 3.5 and other Mozilla products built from Gecko 1.9.1 were not affected by this issue.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=567069\r\n * CVE-2010-1215\r\n", "modified": "2010-07-24T00:00:00", "published": "2010-07-24T00:00:00", "id": "SECURITYVULNS:DOC:24311", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24311", "title": "Mozilla Foundation Security Advisory 2010-38", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:35", "bulletinFamily": "software", "description": "Mozilla Foundation Security Advisory 2010-44\r\n\r\nTitle: Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish\r\nImpact: Moderate\r\nAnnounced: July 20, 2010\r\nReporter: O. Andersen\r\nProducts: Firefox, Thunderbird\r\n\r\nFixed in: Firefox 3.6.7\r\n Thunderbird 3.1.1\r\nDescription\r\n\r\nSecurity researcher O. Andersen reported that undefined positions within various 8 bit character encodings are mapped to the sequence U+FFFD which when displayed causes the immediately following character to disappear from the text run. This could potentially contribute to XSS problems on sites which expected extra characters to be present within strings being sanitized on the server.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=564679\r\n * CVE-2010-1210\r\n", "modified": "2010-07-24T00:00:00", "published": "2010-07-24T00:00:00", "id": "SECURITYVULNS:DOC:24317", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24317", "title": "Mozilla Foundation Security Advisory 2010-44", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:37", "bulletinFamily": "software", "description": "Multiple memory corruptions, use-after-free, integer overflows, array index overflow, code execution, etc.", "modified": "2010-07-24T00:00:00", "published": "2010-07-24T00:00:00", "id": "SECURITYVULNS:VULN:11014", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11014", "title": "Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T18:09:40", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 41878\r\nCVE ID: CVE-2010-1207\r\n\r\nFirefox\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u5f00\u6e90WEB\u6d4f\u89c8\u5668\u3002\r\n\r\n\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528<canvas>\u5143\u7d20\u7834\u574f\u540c\u6e90\u7b56\u7565\u8bfb\u53d6\u5176\u4ed6\u7ad9\u70b9\u7684\u6570\u636e\u3002\u5c3d\u7ba1\u5bf9<canvas>\u5143\u7d20\u8bbe\u7f6e\u4e86\u8bfb\u9650\u5236\uff0c\u4f46\u53ef\u901a\u8fc7\u4fdd\u6301\u5bf9\u5143\u7d20\u4e0a\u4e0b\u6587\u7684\u5f15\u7528\u5e76\u4eceDOM\u5220\u9664\u76f8\u5173\u7684<canvas>\u8282\u70b9\u7ed5\u8fc7\u4e0a\u8ff0\u9650\u5236\u3002\n\nMozilla Firefox 3.6.x\r\nMozilla Thunderbird 3.1.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMozilla\r\n-------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.mozilla.org/\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2010:0547-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2010:0547-01\uff1aCritical: firefox security update\r\n\u94fe\u63a5\uff1ahttps://www.redhat.com/support/errata/RHSA-2010-0547.html", "modified": "2010-07-27T00:00:00", "published": "2010-07-27T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19992", "id": "SSV:19992", "type": "seebug", "title": "Mozilla Firefox <canvas>\u5143\u7d20\u8de8\u57df\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-11-19T18:09:25", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 41866\r\nCVE ID: CVE-2010-1210\r\n\r\nFirefox\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u5f00\u6e90WEB\u6d4f\u89c8\u5668\u3002\r\n\r\n\u4e00\u4e9b8\u4f4d\u7f16\u7801\u5305\u542b\u6709\u672a\u5b9a\u4e49\u7684\u4f4d\u7f6e\uff0c\u6620\u5c04\u5230\u4e86U+FFFD\u3002\u5728\u663e\u793a\u7684\u65f6\u5019\uff0c\u53ef\u80fd\u4e0d\u4f1a\u663e\u793a\u7d27\u968f\u4e4b\u540e\u7684\u5b57\u7b26\u3002\u4f8b\u5982\uff0cwindows-1253\u4e2d\u7684 {'\\xD1', '\\xD2', '\\xD3', 'xD4'}\u5e8f\u5217\u5e94\u4e3a{U+3A1, U+FFFD, U+3A3, U+3A4}\uff08\u4e5f\u5c31\u662f\u5b57\u7b26\u4e32\u03a1&#65533;\u03a3\u03a4\uff09\uff0c\u4f46\u5b9e\u9645\u7ed3\u679c\u4e3a{U+3A1, U+FFFD, U+3A4}\uff0c\u7f3a\u5c11\u4e86U+3A3\u5b57\u7b26\uff08\u4e5f\u5c31\u662f\u03a1&#65533;\u03a4\u5b57\u7b26\u4e32\uff0c\u7f3a\u5c11\u03a3\uff09\u3002\r\n\r\n\u5728\u67d0\u4e9b\u7ad9\u70b9\u4e0a\u8fd9\u53ef\u80fd\u5bfc\u81f4\u8de8\u7ad9\u811a\u672c\u95ee\u9898\uff0c\u56e0\u4e3a\u670d\u52a1\u5668\u4e0a\u8fc7\u6ee4\u6389\u4e86\u67d0\u4e9b\u5e94\u663e\u793a\u7684\u5b57\u7b26\u3002\n\nMozilla Firefox 3.6.x\r\nMozilla Thunderbird 3.1.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMozilla\r\n-------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.mozilla.org/\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2010:0547-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2010:0547-01\uff1aCritical: firefox security update\r\n\u94fe\u63a5\uff1ahttps://www.redhat.com/support/errata/RHSA-2010-0547.html", "modified": "2010-07-27T00:00:00", "published": "2010-07-27T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19990", "id": "SSV:19990", "type": "seebug", "title": "Mozilla Firefox\u5b57\u7b26\u6620\u5c04\u9519\u8bef\u663e\u793a\u6f0f\u6d1e", "sourceData": "\n 1 <!DOCTYPE HTML>\r\n2 <html>\r\n3 <!--\r\n4 https://bugzilla.mozilla.org/show_bug.cgi?id=564679\r\n5 -->\r\n6 <head>\r\n7 <meta http-equiv="Content-type" content="text/html; charset=windows-1253">\r\n8 <title>Test for Unicode non-characters</title>\r\n9 <script type="text/javascript" src="/MochiKit/packed.js"></script>\r\n10 <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>\r\n11 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />\r\n12 </head>\r\n13 <body onload="test()">\r\n14 <pre id="test">\r\n15 <script class="testbody" type="text/javascript">\r\n16 \r\n17 /** test that single byte decoding resynchronizes after incomplete sequences */\r\n18 function test()\r\n19 {\r\n20 is($("display").innerHTML, "All good.", "No overconsumption");\r\n21 SimpleTest.finish();\r\n22 }\r\n23 \r\n24 SimpleTest.waitForExplicitFinish();\r\n25 </script>\r\n26 </pre>\r\n27 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=564679">Mozilla Bug 564679</a>\r\n28 <p id="display">Evil.</p>\r\n29 <div id="content" style="display: none"></div>\r\n30 &Ograve;<script type="text/javascript">\r\n31 $("display").innerHTML = "All good.";\r\n32 </script> ->\r\n33 </body>\r\n34 </html>\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-19990", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-19T18:09:23", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 41868\r\nCVE ID: CVE-2010-1215\r\n\r\nFirefox\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u5f00\u6e90WEB\u6d4f\u89c8\u5668\u3002\r\n\r\n\u5f53\u8fd0\u884c\u5728chrome\u73af\u5883\u4e2d\u7684\u5185\u5bb9\u811a\u672c\u901a\u8fc7SJOW\u65b9\u5f0f\u8bbf\u95ee\u5185\u5bb9\u5bf9\u8c61\u65f6\uff0c\u5185\u5bb9\u4ee3\u7801\u53ef\u4ee5\u83b7\u5f97\u5bf9chrome\u4e2d\u5bf9\u8c61\u7684\u8bbf\u95ee\uff0c\u5e76\u4f7f\u7528\u8be5\u5bf9\u8c61\u4ee5chrome\u6743\u9650\u6267\u884c\u4efb\u610fJavaScript\u3002\n\nMozilla Firefox 3.6.x\r\nMozilla Thunderbird 3.1.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMozilla\r\n-------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.mozilla.org/\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2010:0547-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2010:0547-01\uff1aCritical: firefox security update\r\n\u94fe\u63a5\uff1ahttps://www.redhat.com/support/errata/RHSA-2010-0547.html", "modified": "2010-07-27T00:00:00", "published": "2010-07-27T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-19989", "id": "SSV:19989", "type": "seebug", "title": "Mozilla Firefox SJOW\u65b9\u5f0f\u6743\u9650\u63d0\u5347\u6f0f\u6d1e", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-12-13T07:03:18", "bulletinFamily": "scanner", "description": "Update to new upstream Thunderbird version 3.1.1, fixing multiple\nsecurity issues detailed in the upstream advisories:\nhttp://www.mozilla.org/security/announce/ Update also includes sunbird\npackage rebuilt against new version of Thunderbird.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-12-02T00:00:00", "id": "FEDORA_2010-11379.NASL", "href": "https://www.tenable.com/plugins/nessus/47813", "published": "2010-07-23T00:00:00", "title": "Fedora 13 : sunbird-1.0-0.26.b2pre.fc13 / thunderbird-3.1.1-1.fc13 (2010-11379)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-11379.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47813);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:32:31\");\n\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1207\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1215\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\");\n script_xref(name:\"FEDORA\", value:\"2010-11379\");\n\n script_name(english:\"Fedora 13 : sunbird-1.0-0.26.b2pre.fc13 / thunderbird-3.1.1-1.fc13 (2010-11379)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream Thunderbird version 3.1.1, fixing multiple\nsecurity issues detailed in the upstream advisories:\nhttp://www.mozilla.org/security/announce/ Update also includes sunbird\npackage rebuilt against new version of Thunderbird.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/announce/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=568231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=608238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615455\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615456\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615464\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615472\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615474\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615488\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044487.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?eb4e1982\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044488.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?803bbecd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sunbird and / or thunderbird packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:sunbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"sunbird-1.0-0.26.b2pre.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"thunderbird-3.1.1-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sunbird / thunderbird\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T08:08:48", "bulletinFamily": "scanner", "description": "The installed version of Thunderbird is earlier than 3.1.1. Such\nversions are potentially affected by the following security issues :\n\n - Multiple memory safety bugs could result in memory\n corruption, potentially resulting in arbitrary code\n execution. (MFSA 2010-34)\n\n - It may be possible to run arbitrary JavaScript with\n chrome privileges using SJOW and fast native\n function. (MFSA 2010-38) \n\n - The array class used to store CSS values is affected\n by an integer overflow vulnerability. (MFSA 2010-39)\n\n - An integer overflow vulnerability exists in the\n ", "modified": "2019-12-02T00:00:00", "id": "MOZILLA_THUNDERBIRD_311.NASL", "href": "https://www.tenable.com/plugins/nessus/47784", "published": "2010-07-21T00:00:00", "title": "Mozilla Thunderbird 3.1.x < 3.1.1 Multiple Vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47784);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2018/07/16 14:09:15\");\n\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1207\", \"CVE-2010-1210\",\n \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1215\",\n \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\");\n script_bugtraq_id(41852, 41853, 41859, 41860, 41866, 41871, 41872, 41878);\n script_xref(name:\"Secunia\", value:\"40642\");\n\n script_name(english:\"Mozilla Thunderbird 3.1.x < 3.1.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Thunderbird is earlier than 3.1.1. Such\nversions are potentially affected by the following security issues :\n\n - Multiple memory safety bugs could result in memory\n corruption, potentially resulting in arbitrary code\n execution. (MFSA 2010-34)\n\n - It may be possible to run arbitrary JavaScript with\n chrome privileges using SJOW and fast native\n function. (MFSA 2010-38) \n\n - The array class used to store CSS values is affected\n by an integer overflow vulnerability. (MFSA 2010-39)\n\n - An integer overflow vulnerability exists in the\n 'selection' attribute of XUL <tree> element.\n (MFSA 2010-40)\n\n - A buffer overflow vulnerability in Mozilla graphics\n code could lead to arbitrary code execution.\n (MFSA 2010-41)\n\n - It is possible to read and parse resources from other\n domains even when the content is not valid JavaScript\n leading to cross-domain data disclosure. (MFSA 2010-42)\n\n - The canvas element can be used to read data from another\n site leading to a same-origin bypass vulnerability.\n (MFSA 2010-43)\n\n - Characters mapped to U+FFFD in 8 bit encodings could\n cause subsequent characters to disappear, potentially\n contributing to cross-site scripting issues on certain\n websites. (MFSA 2010-44)\n\n - It is possible to read data across domains by\n injecting bogus CSS selectors into a target site.\n (MFSA 2010-46)\n\n - Potentially sensitive URL parameters could be leaked\n across domains via script errors. (MFSA 2010-47)\");\n\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-34/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-38/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-39/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-40/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-41/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-42/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-43/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-44/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-46/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2010-47/\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Thunderbird 3.1.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/10/23\"); # (MFSA 2010-46)\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/21\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'3.1.1', min:'3.1.0', severity:SECURITY_HOLE);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T08:40:59", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2010:0546 :\n\nUpdated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSeaMonkey is an open source web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2010-1211, CVE-2010-2753, CVE-2010-1214)\n\nA memory corruption flaw was found in the way SeaMonkey decoded\ncertain PNG images. An attacker could create a specially crafted PNG\nimage that, when opened, could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning SeaMonkey. (CVE-2010-1205)\n\nA same-origin policy bypass flaw was found in SeaMonkey. An attacker\ncould create a malicious web page that, when viewed by a victim, could\nsteal private data from a different website the victim has loaded with\nSeaMonkey. (CVE-2010-2754)\n\nA flaw was found in the way SeaMonkey displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even\nthough it does not. (CVE-2010-2751)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.", "modified": "2019-12-02T00:00:00", "id": "ORACLELINUX_ELSA-2010-0546.NASL", "href": "https://www.tenable.com/plugins/nessus/68067", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0546)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0546 and \n# Oracle Linux Security Advisory ELSA-2010-0546 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68067);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/10/25 13:36:08\");\n\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\", \"CVE-2010-2760\");\n script_bugtraq_id(41174, 41824);\n script_xref(name:\"RHSA\", value:\"2010:0546\");\n\n script_name(english:\"Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0546)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0546 :\n\nUpdated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSeaMonkey is an open source web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2010-1211, CVE-2010-2753, CVE-2010-1214)\n\nA memory corruption flaw was found in the way SeaMonkey decoded\ncertain PNG images. An attacker could create a specially crafted PNG\nimage that, when opened, could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning SeaMonkey. (CVE-2010-1205)\n\nA same-origin policy bypass flaw was found in SeaMonkey. An attacker\ncould create a malicious web page that, when viewed by a victim, could\nsteal private data from a different website the victim has loaded with\nSeaMonkey. (CVE-2010-2754)\n\nA flaw was found in the way SeaMonkey displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even\nthough it does not. (CVE-2010-2751)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-July/001548.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-July/001550.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nspr-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nspr-devel-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-devel-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nss-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nss-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"seamonkey-nss-devel-1.0.9-0.57.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"seamonkey-nss-devel-1.0.9-0.57.0.1.el3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-1.0.9-60.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-chat-1.0.9-60.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-devel-1.0.9-60.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-dom-inspector-1.0.9-60.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-js-debugger-1.0.9-60.0.1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"seamonkey-mail-1.0.9-60.0.1.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T06:41:04", "bulletinFamily": "scanner", "description": "Updated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSeaMonkey is an open source web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2010-1211, CVE-2010-2753, CVE-2010-1214)\n\nA memory corruption flaw was found in the way SeaMonkey decoded\ncertain PNG images. An attacker could create a specially crafted PNG\nimage that, when opened, could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning SeaMonkey. (CVE-2010-1205)\n\nA same-origin policy bypass flaw was found in SeaMonkey. An attacker\ncould create a malicious web page that, when viewed by a victim, could\nsteal private data from a different website the victim has loaded with\nSeaMonkey. (CVE-2010-2754)\n\nA flaw was found in the way SeaMonkey displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even\nthough it does not. (CVE-2010-2751)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.", "modified": "2019-12-02T00:00:00", "id": "CENTOS_RHSA-2010-0546.NASL", "href": "https://www.tenable.com/plugins/nessus/48342", "published": "2010-08-17T00:00:00", "title": "CentOS 3 : seamonkey (CESA-2010:0546)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0546 and \n# CentOS Errata and Security Advisory 2010:0546 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(48342);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/10/25 13:36:05\");\n\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\", \"CVE-2010-2760\");\n script_bugtraq_id(41174, 41824);\n script_xref(name:\"RHSA\", value:\"2010:0546\");\n\n script_name(english:\"CentOS 3 : seamonkey (CESA-2010:0546)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated SeaMonkey packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3 and 4.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSeaMonkey is an open source web browser, email and newsgroup client,\nIRC chat client, and HTML editor.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause SeaMonkey to crash\nor, potentially, execute arbitrary code with the privileges of the\nuser running SeaMonkey. (CVE-2010-1211, CVE-2010-2753, CVE-2010-1214)\n\nA memory corruption flaw was found in the way SeaMonkey decoded\ncertain PNG images. An attacker could create a specially crafted PNG\nimage that, when opened, could cause SeaMonkey to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning SeaMonkey. (CVE-2010-1205)\n\nA same-origin policy bypass flaw was found in SeaMonkey. An attacker\ncould create a malicious web page that, when viewed by a victim, could\nsteal private data from a different website the victim has loaded with\nSeaMonkey. (CVE-2010-2754)\n\nA flaw was found in the way SeaMonkey displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even\nthough it does not. (CVE-2010-2751)\n\nAll SeaMonkey users should upgrade to these updated packages, which\ncorrect these issues. After installing the update, SeaMonkey must be\nrestarted for the changes to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016924.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9c3a3e0b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016925.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?82087d6c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected seamonkey packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-chat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-js-debugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nspr-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seamonkey-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-chat-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-chat-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-devel-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-devel-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-dom-inspector-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-dom-inspector-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-js-debugger-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-js-debugger-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-mail-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-mail-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nspr-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nspr-devel-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nspr-devel-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nss-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nss-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"seamonkey-nss-devel-1.0.9-0.57.el3.centos3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"seamonkey-nss-devel-1.0.9-0.57.el3.centos3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"seamonkey / seamonkey-chat / seamonkey-devel / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T07:03:18", "bulletinFamily": "scanner", "description": "Update to new upstream Firefox version 3.6.7, fixing multiple security\nissues detailed in the upstream advisories:\nhttp://www.mozilla.org/security/known-\nvulnerabilities/firefox36.html#firefox3.6.7 Update also includes all\npackages depending on gecko-libs rebuilt against new version of\nFirefox / XULRunner. CVE-2010-1211 CVE-2010-1212 CVE-2010-1208\nCVE-2010-1209 CVE-2010-1214 CVE-2010-1215 CVE-2010-2752 CVE-2010-2753\nCVE-2010-1205 CVE-2010-1213 CVE-2010-1207 CVE-2010-1210 CVE-2010-1206\nCVE-2010-2751 CVE-2010-0654 CVE-2010-2754\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-12-02T00:00:00", "id": "FEDORA_2010-11345.NASL", "href": "https://www.tenable.com/plugins/nessus/47809", "published": "2010-07-23T00:00:00", "title": "Fedora 13 : firefox-3.6.7-1.fc13 / galeon-2.0.7-30.fc13 / gnome-python2-extras-2.25.3-20.fc13 / etc (2010-11345)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-11345.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47809);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:32:31\");\n\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\");\n script_xref(name:\"FEDORA\", value:\"2010-11345\");\n\n script_name(english:\"Fedora 13 : firefox-3.6.7-1.fc13 / galeon-2.0.7-30.fc13 / gnome-python2-extras-2.25.3-20.fc13 / etc (2010-11345)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to new upstream Firefox version 3.6.7, fixing multiple security\nissues detailed in the upstream advisories:\nhttp://www.mozilla.org/security/known-\nvulnerabilities/firefox36.html#firefox3.6.7 Update also includes all\npackages depending on gecko-libs rebuilt against new version of\nFirefox / XULRunner. CVE-2010-1211 CVE-2010-1212 CVE-2010-1208\nCVE-2010-1209 CVE-2010-1214 CVE-2010-1215 CVE-2010-2752 CVE-2010-2753\nCVE-2010-1205 CVE-2010-1213 CVE-2010-1207 CVE-2010-1210 CVE-2010-1206\nCVE-2010-2751 CVE-2010-0654 CVE-2010-2754\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.mozilla.org/security/known-\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/known-\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=568231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=608238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=608763\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615455\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615456\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615459\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615462\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615464\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615472\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615474\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615480\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=615488\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044448.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?935981f2\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044449.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5cbae3e5\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044450.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0a518e6b\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044451.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9affd7a3\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044452.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?181d2dc8\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044453.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?955a18cb\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/044454.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bc3febed\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:galeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-python2-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-web-photo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mozvoikko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"firefox-3.6.7-1.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"galeon-2.0.7-30.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"gnome-python2-extras-2.25.3-20.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"gnome-web-photo-0.9-10.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"mozvoikko-1.0-12.fc13\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"perl-Gtk2-MozEmbed-0.08-6.fc13.15\")) flag++;\nif (rpm_check(release:\"FC13\", reference:\"xulrunner-1.9.2.7-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / galeon / gnome-python2-extras / gnome-web-photo / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T06:41:04", "bulletinFamily": "scanner", "description": "Updated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,\nCVE-2010-1212, CVE-2010-1214, CVE-2010-1215, CVE-2010-2752,\nCVE-2010-2753)\n\nA memory corruption flaw was found in the way Firefox decoded certain\nPNG images. An attacker could create a specially crafted PNG image\nthat, when opened, could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-1205)\n\nSeveral same-origin policy bypass flaws were found in Firefox. An\nattacker could create a malicious web page that, when viewed by a\nvictim, could steal private data from a different website the victim\nhas loaded with Firefox. (CVE-2010-0654, CVE-2010-1207, CVE-2010-1213,\nCVE-2010-2754)\n\nA flaw was found in the way Firefox presented the location bar to a\nuser. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-1206)\n\nA flaw was found in the way Firefox displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even\nthough it does not. (CVE-2010-2751)\n\nA flaw was found in the way Firefox displayed certain malformed\ncharacters. A malicious web page could use this flaw to bypass certain\nstring sanitization methods, allowing it to display malicious\ninformation to users. (CVE-2010-1210)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.7. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.7, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.", "modified": "2019-12-02T00:00:00", "id": "CENTOS_RHSA-2010-0547.NASL", "href": "https://www.tenable.com/plugins/nessus/47806", "published": "2010-07-23T00:00:00", "title": "CentOS 4 / 5 : firefox (CESA-2010:0547)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0547 and \n# CentOS Errata and Security Advisory 2010:0547 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47806);\n script_version(\"1.18\");\n script_cvs_date(\"Date: 2019/10/25 13:36:05\");\n\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\", \"CVE-2010-2760\");\n script_bugtraq_id(41055, 41174, 41824);\n script_xref(name:\"RHSA\", value:\"2010:0547\");\n\n script_name(english:\"CentOS 4 / 5 : firefox (CESA-2010:0547)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,\nCVE-2010-1212, CVE-2010-1214, CVE-2010-1215, CVE-2010-2752,\nCVE-2010-2753)\n\nA memory corruption flaw was found in the way Firefox decoded certain\nPNG images. An attacker could create a specially crafted PNG image\nthat, when opened, could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-1205)\n\nSeveral same-origin policy bypass flaws were found in Firefox. An\nattacker could create a malicious web page that, when viewed by a\nvictim, could steal private data from a different website the victim\nhas loaded with Firefox. (CVE-2010-0654, CVE-2010-1207, CVE-2010-1213,\nCVE-2010-2754)\n\nA flaw was found in the way Firefox presented the location bar to a\nuser. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-1206)\n\nA flaw was found in the way Firefox displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even\nthough it does not. (CVE-2010-2751)\n\nA flaw was found in the way Firefox displayed certain malformed\ncharacters. A malicious web page could use this flaw to bypass certain\nstring sanitization methods, allowing it to display malicious\ninformation to users. (CVE-2010-1210)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.7. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.7, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016878.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f115d85\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-August/016879.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?938ae3fb\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-July/016821.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5bb95f40\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2010-July/016822.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?47cf09c4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"firefox-3.6.7-2.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"firefox-3.6.7-2.el4.centos\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"firefox-3.6.7-2.el5.centos\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xulrunner-1.9.2.7-2.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xulrunner-devel-1.9.2.7-2.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T08:53:03", "bulletinFamily": "scanner", "description": "Updated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,\nCVE-2010-1212, CVE-2010-1214, CVE-2010-1215, CVE-2010-2752,\nCVE-2010-2753)\n\nA memory corruption flaw was found in the way Firefox decoded certain\nPNG images. An attacker could create a specially crafted PNG image\nthat, when opened, could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-1205)\n\nSeveral same-origin policy bypass flaws were found in Firefox. An\nattacker could create a malicious web page that, when viewed by a\nvictim, could steal private data from a different website the victim\nhas loaded with Firefox. (CVE-2010-0654, CVE-2010-1207, CVE-2010-1213,\nCVE-2010-2754)\n\nA flaw was found in the way Firefox presented the location bar to a\nuser. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-1206)\n\nA flaw was found in the way Firefox displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even\nthough it does not. (CVE-2010-2751)\n\nA flaw was found in the way Firefox displayed certain malformed\ncharacters. A malicious web page could use this flaw to bypass certain\nstring sanitization methods, allowing it to display malicious\ninformation to users. (CVE-2010-1210)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.7. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.7, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.", "modified": "2019-12-02T00:00:00", "id": "REDHAT-RHSA-2010-0547.NASL", "href": "https://www.tenable.com/plugins/nessus/47881", "published": "2010-07-28T00:00:00", "title": "RHEL 4 / 5 : firefox (RHSA-2010:0547)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0547. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47881);\n script_version (\"1.29\");\n script_cvs_date(\"Date: 2019/10/25 13:36:15\");\n\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\", \"CVE-2010-2760\");\n script_bugtraq_id(41055, 41174, 41824);\n script_xref(name:\"RHSA\", value:\"2010:0547\");\n\n script_name(english:\"RHEL 4 / 5 : firefox (RHSA-2010:0547)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,\nCVE-2010-1212, CVE-2010-1214, CVE-2010-1215, CVE-2010-2752,\nCVE-2010-2753)\n\nA memory corruption flaw was found in the way Firefox decoded certain\nPNG images. An attacker could create a specially crafted PNG image\nthat, when opened, could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-1205)\n\nSeveral same-origin policy bypass flaws were found in Firefox. An\nattacker could create a malicious web page that, when viewed by a\nvictim, could steal private data from a different website the victim\nhas loaded with Firefox. (CVE-2010-0654, CVE-2010-1207, CVE-2010-1213,\nCVE-2010-2754)\n\nA flaw was found in the way Firefox presented the location bar to a\nuser. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-1206)\n\nA flaw was found in the way Firefox displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even\nthough it does not. (CVE-2010-2751)\n\nA flaw was found in the way Firefox displayed certain malformed\ncharacters. A malicious web page could use this flaw to bypass certain\nstring sanitization methods, allowing it to display malicious\ninformation to users. (CVE-2010-1210)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.7. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.7, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-0654\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1208\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1211\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1212\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1213\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1215\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2754\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ab0bbddd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2010:0547\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected firefox, xulrunner and / or xulrunner-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0547\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"firefox-3.6.7-2.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-3.6.7-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-1.9.2.7-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-devel-1.9.2.7-2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T09:57:23", "bulletinFamily": "scanner", "description": "Several flaws were discovered in the browser engine of Firefox. If a\nuser were tricked into viewing a malicious site, a remote attacker\ncould use this to crash the browser or possibly run arbitrary code as\nthe user invoking the program. (CVE-2010-1208, CVE-2010-1209,\nCVE-2010-1211, CVE-2010-1212)\n\nAn integer overflow was discovered in how Firefox processed plugin\nparameters. An attacker could exploit this to crash the browser or\npossibly run arbitrary code as the user invoking the program.\n(CVE-2010-1214)\n\nA flaw was discovered in the Firefox JavaScript engine. If a user were\ntricked into viewing a malicious site, a remote attacker code execute\narbitrary JavaScript with chrome privileges. (CVE-2010-1215)\n\nAn integer overflow was discovered in how Firefox processed CSS\nvalues. An attacker could exploit this to crash the browser or\npossibly run arbitrary code as the user invoking the program.\n(CVE-2010-2752)\n\nAn integer overflow was discovered in how Firefox interpreted the XUL\n<tree> element. If a user were tricked into viewing a malicious site,\na remote attacker could use this to crash the browser or possibly run\narbitrary code as the user invoking the program. (CVE-2010-2753)\n\nAki Helin discovered that libpng did not properly handle certain\nmalformed PNG images. If a user were tricked into opening a crafted\nPNG file, an attacker could cause a denial of service or possibly\nexecute arbitrary code with the privileges of the user invoking the\nprogram. (CVE-2010-1205)\n\nYosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin\ncheck in Firefox could be bypassed by utilizing the importScripts Web\nWorker method. If a user were tricked into viewing a malicious\nwebsite, an attacker could exploit this to read data from other\ndomains. (CVE-2010-1213, CVE-2010-1207)\n\nO. Andersen that Firefox did not properly map undefined positions\nwithin certain 8 bit encodings. An attacker could utilize this to\nperform cross-site scripting attacks. (CVE-2010-1210)\n\nMichal Zalewski discovered flaws in how Firefox processed the HTTP 204\n(no content) code. An attacker could exploit this to spoof the\nlocation bar, such as in a phishing attack. (CVE-2010-1206)\n\nJordi Chancel discovered that Firefox did not properly handle when a\nserver responds to an HTTPS request with plaintext and then processes\nJavaScript history events. An attacker could exploit this to spoof the\nlocation bar, such as in a phishing attack. (CVE-2010-2751)\n\nChris Evans discovered that Firefox did not properly process improper\nCSS selectors. If a user were tricked into viewing a malicious\nwebsite, an attacker could exploit this to read data from other\ndomains. (CVE-2010-0654)\n\nSoroush Dalili discovered that Firefox did not properly handle script\nerror output. An attacker could use this to access URL parameters from\nother domains. (CVE-2010-2754).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-12-02T00:00:00", "id": "UBUNTU_USN-957-1.NASL", "href": "https://www.tenable.com/plugins/nessus/47826", "published": "2010-07-26T00:00:00", "title": "Ubuntu 8.04 LTS / 10.04 LTS : firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities (USN-957-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-957-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47826);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\");\n script_bugtraq_id(41055, 41174, 41842, 41845, 41849, 41852, 41853, 41859, 41860, 41865, 41866, 41868, 41871, 41872, 41878);\n script_xref(name:\"USN\", value:\"957-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS : firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities (USN-957-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were discovered in the browser engine of Firefox. If a\nuser were tricked into viewing a malicious site, a remote attacker\ncould use this to crash the browser or possibly run arbitrary code as\nthe user invoking the program. (CVE-2010-1208, CVE-2010-1209,\nCVE-2010-1211, CVE-2010-1212)\n\nAn integer overflow was discovered in how Firefox processed plugin\nparameters. An attacker could exploit this to crash the browser or\npossibly run arbitrary code as the user invoking the program.\n(CVE-2010-1214)\n\nA flaw was discovered in the Firefox JavaScript engine. If a user were\ntricked into viewing a malicious site, a remote attacker code execute\narbitrary JavaScript with chrome privileges. (CVE-2010-1215)\n\nAn integer overflow was discovered in how Firefox processed CSS\nvalues. An attacker could exploit this to crash the browser or\npossibly run arbitrary code as the user invoking the program.\n(CVE-2010-2752)\n\nAn integer overflow was discovered in how Firefox interpreted the XUL\n<tree> element. If a user were tricked into viewing a malicious site,\na remote attacker could use this to crash the browser or possibly run\narbitrary code as the user invoking the program. (CVE-2010-2753)\n\nAki Helin discovered that libpng did not properly handle certain\nmalformed PNG images. If a user were tricked into opening a crafted\nPNG file, an attacker could cause a denial of service or possibly\nexecute arbitrary code with the privileges of the user invoking the\nprogram. (CVE-2010-1205)\n\nYosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin\ncheck in Firefox could be bypassed by utilizing the importScripts Web\nWorker method. If a user were tricked into viewing a malicious\nwebsite, an attacker could exploit this to read data from other\ndomains. (CVE-2010-1213, CVE-2010-1207)\n\nO. Andersen that Firefox did not properly map undefined positions\nwithin certain 8 bit encodings. An attacker could utilize this to\nperform cross-site scripting attacks. (CVE-2010-1210)\n\nMichal Zalewski discovered flaws in how Firefox processed the HTTP 204\n(no content) code. An attacker could exploit this to spoof the\nlocation bar, such as in a phishing attack. (CVE-2010-1206)\n\nJordi Chancel discovered that Firefox did not properly handle when a\nserver responds to an HTTPS request with plaintext and then processes\nJavaScript history events. An attacker could exploit this to spoof the\nlocation bar, such as in a phishing attack. (CVE-2010-2751)\n\nChris Evans discovered that Firefox did not properly process improper\nCSS selectors. If a user were tricked into viewing a malicious\nwebsite, an attacker could exploit this to read data from other\ndomains. (CVE-2010-0654)\n\nSoroush Dalili discovered that Firefox did not properly handle script\nerror output. An attacker could use this to access URL parameters from\nother domains. (CVE-2010-2754).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/957-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.5-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-libthai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-libthai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-testsuite-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"abrowser\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"abrowser-branding\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0-dev\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0-gnome-support\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-branding\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-dbg\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-dev\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-gnome-support\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-gnome-support-dbg\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso-dev\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso-gnome-support\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-libthai\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk-dev\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk-gnome-support\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-dbg\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-dev\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-gnome-support\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-testsuite\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-testsuite-dev\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-dev\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser-3.5\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser-3.5-branding\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser-branding\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-dbg\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-dev\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-dom-inspector\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-gnome-support\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-libthai\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.0\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.0-dev\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.0-gnome-support\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-branding\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-dbg\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-dev\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-gnome-support\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-branding\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-dbg\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-dev\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-gnome-support\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-gnome-support-dbg\", pkgver:\"3.6.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-dbg\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-dev\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-gnome-support\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-testsuite\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-testsuite-dev\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-dev\", pkgver:\"1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"abrowser / abrowser-3.5 / abrowser-3.5-branding / abrowser-branding / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T09:57:23", "bulletinFamily": "scanner", "description": "USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel\nHolbert discovered that the fix for CVE-2010-1214 introduced a\nregression which did not properly initialize a plugin pointer. If a\nuser were tricked into viewing a malicious site, a remote attacker\ncould use this to crash the browser or run arbitrary code as the user\ninvoking the program. (CVE-2010-2755)\n\nThis update fixes the problem.\n\nSeveral flaws were discovered in the browser engine of Firefox. If a\nuser were tricked into viewing a malicious site, a remote attacker\ncould use this to crash the browser or possibly run arbitrary code as\nthe user invoking the program. (CVE-2010-1208, CVE-2010-1209,\nCVE-2010-1211, CVE-2010-1212)\n\nAn integer overflow was discovered in how Firefox processed\nplugin parameters. An attacker could exploit this to crash\nthe browser or possibly run arbitrary code as the user\ninvoking the program. (CVE-2010-1214)\n\nA flaw was discovered in the Firefox JavaScript engine. If a\nuser were tricked into viewing a malicious site, a remote\nattacker code execute arbitrary JavaScript with chrome\nprivileges. (CVE-2010-1215)\n\nAn integer overflow was discovered in how Firefox processed\nCSS values. An attacker could exploit this to crash the\nbrowser or possibly run arbitrary code as the user invoking\nthe program. (CVE-2010-2752)\n\nAn integer overflow was discovered in how Firefox\ninterpreted the XUL <tree> element. If a user were tricked\ninto viewing a malicious site, a remote attacker could use\nthis to crash the browser or possibly run arbitrary code as\nthe user invoking the program. (CVE-2010-2753)\n\nAki Helin discovered that libpng did not properly handle\ncertain malformed PNG images. If a user were tricked into\nopening a crafted PNG file, an attacker could cause a denial\nof service or possibly execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2010-1205)\n\nYosuke Hasegawa and Vladimir Vukicevic discovered that the\nsame-origin check in Firefox could be bypassed by utilizing\nthe importScripts Web Worker method. If a user were tricked\ninto viewing a malicious website, an attacker could exploit\nthis to read data from other domains. (CVE-2010-1213,\nCVE-2010-1207)\n\nO. Andersen that Firefox did not properly map undefined\npositions within certain 8 bit encodings. An attacker could\nutilize this to perform cross-site scripting attacks.\n(CVE-2010-1210)\n\nMichal Zalewski discovered flaws in how Firefox processed\nthe HTTP 204 (no content) code. An attacker could exploit\nthis to spoof the location bar, such as in a phishing\nattack. (CVE-2010-1206)\n\nJordi Chancel discovered that Firefox did not properly\nhandle when a server responds to an HTTPS request with\nplaintext and then processes JavaScript history events. An\nattacker could exploit this to spoof the location bar, such\nas in a phishing attack. (CVE-2010-2751)\n\nChris Evans discovered that Firefox did not properly process\nimproper CSS selectors. If a user were tricked into viewing\na malicious website, an attacker could exploit this to read\ndata from other domains. (CVE-2010-0654)\n\nSoroush Dalili discovered that Firefox did not properly\nhandle script error output. An attacker could use this to\naccess URL parameters from other domains. (CVE-2010-2754).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-12-02T00:00:00", "id": "UBUNTU_USN-957-2.NASL", "href": "https://www.tenable.com/plugins/nessus/47856", "published": "2010-07-27T00:00:00", "title": "Ubuntu 8.04 LTS / 10.04 LTS : firefox, firefox-3.0, xulrunner-1.9.2 vulnerability (USN-957-2)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-957-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47856);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\", \"CVE-2010-2755\");\n script_xref(name:\"USN\", value:\"957-2\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS : firefox, firefox-3.0, xulrunner-1.9.2 vulnerability (USN-957-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel\nHolbert discovered that the fix for CVE-2010-1214 introduced a\nregression which did not properly initialize a plugin pointer. If a\nuser were tricked into viewing a malicious site, a remote attacker\ncould use this to crash the browser or run arbitrary code as the user\ninvoking the program. (CVE-2010-2755)\n\nThis update fixes the problem.\n\nSeveral flaws were discovered in the browser engine of Firefox. If a\nuser were tricked into viewing a malicious site, a remote attacker\ncould use this to crash the browser or possibly run arbitrary code as\nthe user invoking the program. (CVE-2010-1208, CVE-2010-1209,\nCVE-2010-1211, CVE-2010-1212)\n\nAn integer overflow was discovered in how Firefox processed\nplugin parameters. An attacker could exploit this to crash\nthe browser or possibly run arbitrary code as the user\ninvoking the program. (CVE-2010-1214)\n\nA flaw was discovered in the Firefox JavaScript engine. If a\nuser were tricked into viewing a malicious site, a remote\nattacker code execute arbitrary JavaScript with chrome\nprivileges. (CVE-2010-1215)\n\nAn integer overflow was discovered in how Firefox processed\nCSS values. An attacker could exploit this to crash the\nbrowser or possibly run arbitrary code as the user invoking\nthe program. (CVE-2010-2752)\n\nAn integer overflow was discovered in how Firefox\ninterpreted the XUL <tree> element. If a user were tricked\ninto viewing a malicious site, a remote attacker could use\nthis to crash the browser or possibly run arbitrary code as\nthe user invoking the program. (CVE-2010-2753)\n\nAki Helin discovered that libpng did not properly handle\ncertain malformed PNG images. If a user were tricked into\nopening a crafted PNG file, an attacker could cause a denial\nof service or possibly execute arbitrary code with the\nprivileges of the user invoking the program. (CVE-2010-1205)\n\nYosuke Hasegawa and Vladimir Vukicevic discovered that the\nsame-origin check in Firefox could be bypassed by utilizing\nthe importScripts Web Worker method. If a user were tricked\ninto viewing a malicious website, an attacker could exploit\nthis to read data from other domains. (CVE-2010-1213,\nCVE-2010-1207)\n\nO. Andersen that Firefox did not properly map undefined\npositions within certain 8 bit encodings. An attacker could\nutilize this to perform cross-site scripting attacks.\n(CVE-2010-1210)\n\nMichal Zalewski discovered flaws in how Firefox processed\nthe HTTP 204 (no content) code. An attacker could exploit\nthis to spoof the location bar, such as in a phishing\nattack. (CVE-2010-1206)\n\nJordi Chancel discovered that Firefox did not properly\nhandle when a server responds to an HTTPS request with\nplaintext and then processes JavaScript history events. An\nattacker could exploit this to spoof the location bar, such\nas in a phishing attack. (CVE-2010-2751)\n\nChris Evans discovered that Firefox did not properly process\nimproper CSS selectors. If a user were tricked into viewing\na malicious website, an attacker could exploit this to read\ndata from other domains. (CVE-2010-0654)\n\nSoroush Dalili discovered that Firefox did not properly\nhandle script error output. An attacker could use this to\naccess URL parameters from other domains. (CVE-2010-2754).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/957-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-3.5-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:abrowser-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-2-libthai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-3.5-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-branding\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-libthai\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-testsuite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9.2-testsuite-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xulrunner-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"abrowser\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"abrowser-branding\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0-dev\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-3.0-gnome-support\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-branding\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-dbg\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-dev\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-gnome-support\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-gnome-support-dbg\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso-dev\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-granparadiso-gnome-support\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-libthai\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk-dev\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"firefox-trunk-gnome-support\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-dbg\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-dev\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-gnome-support\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-testsuite\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-1.9.2-testsuite-dev\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"xulrunner-dev\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.8.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser-3.5\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser-3.5-branding\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"abrowser-branding\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-dbg\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-dev\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-dom-inspector\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-gnome-support\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-2-libthai\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.0\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.0-dev\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.0-gnome-support\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-branding\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-dbg\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-dev\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-3.5-gnome-support\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-branding\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-dbg\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-dev\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-gnome-support\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox-gnome-support-dbg\", pkgver:\"3.6.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-dbg\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-dev\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-gnome-support\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-testsuite\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-1.9.2-testsuite-dev\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"xulrunner-dev\", pkgver:\"1.9.2.8+build1+nobinonly-0ubuntu0.10.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"abrowser / abrowser-3.5 / abrowser-3.5-branding / abrowser-branding / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T08:40:59", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2010:0547 :\n\nUpdated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,\nCVE-2010-1212, CVE-2010-1214, CVE-2010-1215, CVE-2010-2752,\nCVE-2010-2753)\n\nA memory corruption flaw was found in the way Firefox decoded certain\nPNG images. An attacker could create a specially crafted PNG image\nthat, when opened, could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-1205)\n\nSeveral same-origin policy bypass flaws were found in Firefox. An\nattacker could create a malicious web page that, when viewed by a\nvictim, could steal private data from a different website the victim\nhas loaded with Firefox. (CVE-2010-0654, CVE-2010-1207, CVE-2010-1213,\nCVE-2010-2754)\n\nA flaw was found in the way Firefox presented the location bar to a\nuser. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-1206)\n\nA flaw was found in the way Firefox displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even\nthough it does not. (CVE-2010-2751)\n\nA flaw was found in the way Firefox displayed certain malformed\ncharacters. A malicious web page could use this flaw to bypass certain\nstring sanitization methods, allowing it to display malicious\ninformation to users. (CVE-2010-1210)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.7. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.7, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.", "modified": "2019-12-02T00:00:00", "id": "ORACLELINUX_ELSA-2010-0547.NASL", "href": "https://www.tenable.com/plugins/nessus/68068", "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 5 : firefox (ELSA-2010-0547)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0547 and \n# Oracle Linux Security Advisory ELSA-2010-0547 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68068);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/10/25 13:36:08\");\n\n script_cve_id(\"CVE-2010-0654\", \"CVE-2010-1205\", \"CVE-2010-1206\", \"CVE-2010-1207\", \"CVE-2010-1208\", \"CVE-2010-1209\", \"CVE-2010-1210\", \"CVE-2010-1211\", \"CVE-2010-1212\", \"CVE-2010-1213\", \"CVE-2010-1214\", \"CVE-2010-1215\", \"CVE-2010-2751\", \"CVE-2010-2752\", \"CVE-2010-2753\", \"CVE-2010-2754\", \"CVE-2010-2760\");\n script_bugtraq_id(41055, 41174, 41824);\n script_xref(name:\"RHSA\", value:\"2010:0547\");\n\n script_name(english:\"Oracle Linux 4 / 5 : firefox (ELSA-2010-0547)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2010:0547 :\n\nUpdated firefox packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,\nCVE-2010-1212, CVE-2010-1214, CVE-2010-1215, CVE-2010-2752,\nCVE-2010-2753)\n\nA memory corruption flaw was found in the way Firefox decoded certain\nPNG images. An attacker could create a specially crafted PNG image\nthat, when opened, could cause Firefox to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-1205)\n\nSeveral same-origin policy bypass flaws were found in Firefox. An\nattacker could create a malicious web page that, when viewed by a\nvictim, could steal private data from a different website the victim\nhas loaded with Firefox. (CVE-2010-0654, CVE-2010-1207, CVE-2010-1213,\nCVE-2010-2754)\n\nA flaw was found in the way Firefox presented the location bar to a\nuser. A malicious website could trick a user into thinking they are\nvisiting the site reported by the location bar, when the page is\nactually content controlled by an attacker. (CVE-2010-1206)\n\nA flaw was found in the way Firefox displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even\nthough it does not. (CVE-2010-2751)\n\nA flaw was found in the way Firefox displayed certain malformed\ncharacters. A malicious web page could use this flaw to bypass certain\nstring sanitization methods, allowing it to display malicious\ninformation to users. (CVE-2010-1210)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 3.6.7. You can find a link to the\nMozilla advisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 3.6.7, which corrects these issues. After\ninstalling the update, Firefox must be restarted for the changes to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-July/001547.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2010-July/001549.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(94);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/02/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"firefox-3.6.7-2.0.1.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"firefox-3.6.7-2.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-1.9.2.7-2.0.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-devel-1.9.2.7-2.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2019-05-29T17:21:37", "bulletinFamily": "unix", "description": "USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel Holbert discovered that the fix for CVE-2010-1214 introduced a regression which did not properly initialize a plugin pointer. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or run arbitrary code as the user invoking the program. (CVE-2010-2755)\n\nThis update fixes the problem.\n\nOriginal advisory details:\n\nSeveral flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212)\n\nAn integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1214)\n\nA flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. (CVE-2010-1215)\n\nAn integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2752)\n\nAn integer overflow was discovered in how Firefox interpreted the XUL <tree> element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2753)\n\nAki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)\n\nYosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-1213, CVE-2010-1207)\n\nO. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-1210)\n\nMichal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no content) code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-1206)\n\nJordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-2751)\n\nChris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0654)\n\nSoroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains. (CVE-2010-2754)", "modified": "2010-07-26T00:00:00", "published": "2010-07-26T00:00:00", "id": "USN-957-2", "href": "https://usn.ubuntu.com/957-2/", "title": "Firefox and Xulrunner vulnerability", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:20:59", "bulletinFamily": "unix", "description": "Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212)\n\nAn integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1214)\n\nA flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. (CVE-2010-1215)\n\nAn integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2752)\n\nAn integer overflow was discovered in how Firefox interpreted the XUL <tree> element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2753)\n\nAki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)\n\nYosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-1213, CVE-2010-1207)\n\nO. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-1210)\n\nMichal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no content) code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-1206)\n\nJordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-2751)\n\nChris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0654)\n\nSoroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains. (CVE-2010-2754)", "modified": "2010-07-23T00:00:00", "published": "2010-07-23T00:00:00", "id": "USN-957-1", "href": "https://usn.ubuntu.com/957-1/", "title": "Firefox and Xulrunner vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:22:48", "bulletinFamily": "unix", "description": "USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2.\n\nOriginal advisory details:\n\nIf was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2010-1121)\n\nSeveral flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203)\n\nA flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198)\n\nAn integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196)\n\nMartin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199)\n\nMichal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125)\n\nIlja van Sprundel discovered that the \u2018Content-Disposition: attachment\u2019 HTTP header was ignored when \u2018Content-Type: multipart\u2019 was also present. Under certain circumstances, this could potentially lead to cross-site scripting attacks. (CVE-2010-1197)\n\nAmit Klein discovered that Firefox did not seed its random number generator often enough. An attacker could exploit this to identify and track users across different web sites. (CVE-2008-5913)\n\nSeveral flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212)\n\nAn integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1214)\n\nA flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. (CVE-2010-1215)\n\nAn integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2752)\n\nAn integer overflow was discovered in how Firefox interpreted the XUL <tree> element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2753)\n\nAki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)\n\nYosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-1213, CVE-2010-1207)\n\nO. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-1210)\n\nMichal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no content) code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-1206)\n\nJordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-2751)\n\nChris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0654)\n\nSoroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains. (CVE-2010-2754)", "modified": "2010-07-23T00:00:00", "published": "2010-07-23T00:00:00", "id": "USN-930-5", "href": "https://usn.ubuntu.com/930-5/", "title": "ant, apturl, Epiphany, gluezilla, gnome-python-extras, liferea, mozvoikko, OpenJDK, packagekit, ubufox, webfav, yelp update", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T17:23:29", "bulletinFamily": "unix", "description": "USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides the corresponding updates for Ubuntu 9.04 and 9.10, along with additional updates affecting Firefox 3.6.6.\n\nSeveral flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212)\n\nAn integer overflow was discovered in how Firefox processed plugin parameters. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-1214)\n\nA flaw was discovered in the Firefox JavaScript engine. If a user were tricked into viewing a malicious site, a remote attacker code execute arbitrary JavaScript with chrome privileges. (CVE-2010-1215)\n\nAn integer overflow was discovered in how Firefox processed CSS values. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2752)\n\nAn integer overflow was discovered in how Firefox interpreted the XUL <tree> element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2753)\n\nAki Helin discovered that libpng did not properly handle certain malformed PNG images. If a user were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)\n\nYosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin check in Firefox could be bypassed by utilizing the importScripts Web Worker method. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-1213, CVE-2010-1207)\n\nO. Andersen that Firefox did not properly map undefined positions within certain 8 bit encodings. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-1210)\n\nMichal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no content) code. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-1206)\n\nJordi Chancel discovered that Firefox did not properly handle when a server responds to an HTTPS request with plaintext and then processes JavaScript history events. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2010-2751)\n\nChris Evans discovered that Firefox did not properly process improper CSS selectors. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0654)\n\nSoroush Dalili discovered that Firefox did not properly handle script error output. An attacker could use this to access URL parameters from other domains. (CVE-2010-2754)\n\nOriginal advisory details:\n\nIf was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1121)\n\nSeveral flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203)\n\nA flaw was discovered in the way plugin instances interacted. An attacker could potentially exploit this and use one plugin to access freed memory from a second plugin to execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1198)\n\nAn integer overflow was discovered in Firefox. If a user were tricked into viewing a malicious site, an attacker could overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1196)\n\nMartin Barbella discovered an integer overflow in an XSLT node sorting routine. An attacker could exploit this to overflow a buffer and cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1199)\n\nMichal Zalewski discovered that the focus behavior of Firefox could be subverted. If a user were tricked into viewing a malicious site, a remote attacker could use this to capture keystrokes. (CVE-2010-1125)\n\nIlja van Sprundel discovered that the \u2018Content-Disposition: attachment\u2019 HTTP header was ignored when \u2018Content-Type: multipart\u2019 was also present. Under certain circumstances, this could potentially lead to cross-site scripting attacks. (CVE-2010-1197)\n\nAmit Klein discovered that Firefox did not seed its random number generator often enough. An attacker could exploit this to identify and track users across different web sites. (CVE-2008-5913)", "modified": "2010-07-23T00:00:00", "published": "2010-07-23T00:00:00", "id": "USN-930-4", "href": "https://usn.ubuntu.com/930-4/", "title": "Firefox and Xulrunner vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:06", "bulletinFamily": "unix", "description": "\nThe Mozilla Project reports:\n\nMFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)\nMFSA 2010-35 DOM attribute cloning remote code execution vulnerability\nMFSA 2010-36 Use-after-free error in NodeIterator\nMFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability\nMFSA 2010-38 Arbitrary code execution using SJOW and fast native function\nMFSA 2010-39 nsCSSValue::Array index integer overflow\nMFSA 2010-40 nsTreeSelection dangling pointer remote code execution vulnerability\nMFSA 2010-41 Remote code execution using malformed PNG image\nMFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts\nMFSA 2010-43 Same-origin bypass using canvas context\nMFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish\nMFSA 2010-45 Multiple location bar spoofing vulnerabilities\nMFSA 2010-46 Cross-domain data theft using CSS\nMFSA 2010-47 Cross-origin data leakage from script filename in error messages\n\n", "modified": "2010-07-20T00:00:00", "published": "2010-07-20T00:00:00", "id": "8C2EA875-9499-11DF-8E32-000F20797EDE", "href": "https://vuxml.freebsd.org/freebsd/8c2ea875-9499-11df-8e32-000f20797ede.html", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:20:21", "bulletinFamily": "unix", "description": "Various security issues have been found in the Mozilla suite, and the various browsers have been updated to fix these issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "modified": "2010-07-30T13:10:04", "published": "2010-07-30T13:10:04", "id": "SUSE-SA:2010:032", "href": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00008.html", "type": "suse", "title": "remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:25", "bulletinFamily": "unix", "description": "firefox:\n[3.6.7-2.0.1.el5]\n- Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html\n and remove the corresponding Red Hat ones\n[3.6.7-2]\n- Update to 3.6.7 beta2\n[3.6.7-1]\n- Update to 3.6.7\n[3.6.4-9]\n- Fixed rhbz#531159 - default browser check\nxulrunner:\n[1.9.2.7-2.0.1.el5]\n- Added xulrunner-oracle-default-prefs.js and removed the corresponding\n RedHat one.\n[1.9.2.7-2]\n- Update to build 2\n[1.9.2.7-1]\n- Update to 1.9.2.7\n[1.9.2.4-10]\n- Fix a file dependency issue ", "modified": "2010-07-21T00:00:00", "published": "2010-07-21T00:00:00", "id": "ELSA-2010-0547", "href": "http://linux.oracle.com/errata/ELSA-2010-0547.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-05-29T18:33:42", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2010:0547\n\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212,\nCVE-2010-1214, CVE-2010-1215, CVE-2010-2752, CVE-2010-2753)\n\nA memory corruption flaw was found in the way Firefox decoded certain PNG\nimages. An attacker could create a specially-crafted PNG image that, when\nopened, could cause Firefox to crash or, potentially, execute arbitrary\ncode with the privileges of the user running Firefox. (CVE-2010-1205)\n\nSeveral same-origin policy bypass flaws were found in Firefox. An attacker\ncould create a malicious web page that, when viewed by a victim, could\nsteal private data from a different website the victim has loaded with\nFirefox. (CVE-2010-0654, CVE-2010-1207, CVE-2010-1213, CVE-2010-2754)\n\nA flaw was found in the way Firefox presented the location bar to a user. A\nmalicious website could trick a user into thinking they are visiting the\nsite reported by the location bar, when the page is actually content\ncontrolled by an attacker. (CVE-2010-1206)\n\nA flaw was found in the way Firefox displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even though it\ndoes not. (CVE-2010-2751)\n\nA flaw was found in the way Firefox displayed certain malformed characters.\nA malicious web page could use this flaw to bypass certain string\nsanitization methods, allowing it to display malicious information to\nusers. (CVE-2010-1210)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.6.7. You can find a link to the Mozilla advisories\nin the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.6.7, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-August/016878.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-August/016879.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-July/016821.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-July/016822.html\n\n**Affected packages:**\nfirefox\nxulrunner\nxulrunner-devel\n\n**Upstream details at:**\n\nhttps://rhn.redhat.com/errata/RHSA-2010-0547.html", "modified": "2010-08-06T19:18:19", "published": "2010-07-22T11:29:05", "href": "http://lists.centos.org/pipermail/centos-announce/2010-July/016821.html", "id": "CESA-2010:0547", "title": "firefox, xulrunner security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:47:06", "bulletinFamily": "unix", "description": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212,\nCVE-2010-1214, CVE-2010-1215, CVE-2010-2752, CVE-2010-2753)\n\nA memory corruption flaw was found in the way Firefox decoded certain PNG\nimages. An attacker could create a specially-crafted PNG image that, when\nopened, could cause Firefox to crash or, potentially, execute arbitrary\ncode with the privileges of the user running Firefox. (CVE-2010-1205)\n\nSeveral same-origin policy bypass flaws were found in Firefox. An attacker\ncould create a malicious web page that, when viewed by a victim, could\nsteal private data from a different website the victim has loaded with\nFirefox. (CVE-2010-0654, CVE-2010-1207, CVE-2010-1213, CVE-2010-2754)\n\nA flaw was found in the way Firefox presented the location bar to a user. A\nmalicious website could trick a user into thinking they are visiting the\nsite reported by the location bar, when the page is actually content\ncontrolled by an attacker. (CVE-2010-1206)\n\nA flaw was found in the way Firefox displayed the location bar when\nvisiting a secure web page. A malicious server could use this flaw to\npresent data that appears to originate from a secure server, even though it\ndoes not. (CVE-2010-2751)\n\nA flaw was found in the way Firefox displayed certain malformed characters.\nA malicious web page could use this flaw to bypass certain string\nsanitization methods, allowing it to display malicious information to\nusers. (CVE-2010-1210)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.6.7. You can find a link to the Mozilla advisories\nin the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.6.7, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n", "modified": "2017-09-08T11:55:17", "published": "2010-07-20T04:00:00", "id": "RHSA-2010:0547", "href": "https://access.redhat.com/errata/RHSA-2010:0547", "type": "redhat", "title": "(RHSA-2010:0547) Critical: firefox security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:13", "bulletinFamily": "unix", "description": "### Background\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the \u2018Mozilla Application Suite\u2019. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla\u2019s Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL\u2019s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser\u2019s font, conduct clickjacking attacks, or have other unspecified impact. \n\nA local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Mozilla Firefox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nAll users of the Mozilla Firefox binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nAll users of the Mozilla Thunderbird binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nAll Mozilla SeaMonkey users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-2.14-r1\"\n \n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-bin-2.14\"\n \n\nAll NSS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/nss-3.14\"\n \n\nThe \u201cwww-client/mozilla-firefox\u201d package has been merged into the \u201cwww-client/firefox\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox\u201d and then emerge the latest \u201cwww-client/firefox\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nThe \u201cwww-client/mozilla-firefox-bin\u201d package has been merged into the \u201cwww-client/firefox-bin\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox-bin\u201d and then emerge the latest \u201cwww-client/firefox-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox-bin\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird\u201d package has been merged into the \u201cmail-client/thunderbird\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird\u201d and then emerge the latest \u201cmail-client/thunderbird\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird\"\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird-bin\u201d package has been merged into the \u201cmail-client/thunderbird-bin\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird-bin\u201d and then emerge the latest \u201cmail-client/thunderbird-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird-bin\"\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nGentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: \n \n \n # emerge --unmerge \"www-client/icecat\"\n \n\nGentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner\"\n \n\nGentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner-bin\"", "modified": "2013-01-08T00:00:00", "published": "2013-01-08T00:00:00", "id": "GLSA-201301-01", "href": "https://security.gentoo.org/glsa/201301-01", "type": "gentoo", "title": "Mozilla Products: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
