Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2013 Greenbone AGOPENVAS:1361412562310803203
HistoryJan 16, 2013 - 12:00 a.m.

Mozilla Products Multiple Vulnerabilities-03 (Jan 2013) - Mac OS X

2013-01-1600:00:00
Copyright (C) 2013 Greenbone AG
plugins.openvas.org
44

9.5 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

89.9%

JSON

Mozilla Firefox/Thunderbird/Seamonkey is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.803203");
  script_version("2024-02-16T05:06:55+0000");
  script_cve_id("CVE-2013-0761", "CVE-2013-0763", "CVE-2013-0771", "CVE-2013-0749");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-02-16 05:06:55 +0000 (Fri, 16 Feb 2024)");
  script_tag(name:"creation_date", value:"2013-01-16 16:30:40 +0530 (Wed, 16 Jan 2013)");
  script_name("Mozilla Products Multiple Vulnerabilities-03 (Jan 2013) - Mac OS X");

  script_xref(name:"URL", value:"http://secunia.com/advisories/51752/");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/57196");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/57197");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/57198");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/57205");
  script_xref(name:"URL", value:"http://securitytracker.com/id?1027955");
  script_xref(name:"URL", value:"http://securitytracker.com/id?1027957");
  script_xref(name:"URL", value:"http://securitytracker.com/id?1027958");
  script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2013/mfsa2013-01.html");
  script_xref(name:"URL", value:"http://www.mozilla.org/security/announce/2013/mfsa2013-02.html");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2013 Greenbone AG");
  script_family("General");
  script_dependencies("gb_mozilla_prdts_detect_macosx.nasl");
  script_mandatory_keys("Mozilla/Firefox_or_Seamonkey_or_Thunderbird/Mac/Installed");

  script_tag(name:"impact", value:"Successful exploitation could allow attackers to cause a denial of service
  or execute arbitrary code in the context of the browser.");

  script_tag(name:"affected", value:"SeaMonkey version before 2.15 on Mac OS X

  Thunderbird version before 17.0.2 on Mac OS X

  Mozilla Firefox version before 18.0 on Mac OS X

  Thunderbird ESR version 17.x before 17.0.1 on Mac OS X

  Mozilla Firefox ESR version 17.x before 17.0.1 on Mac OS X");

  script_tag(name:"insight", value:"- Use-after-free errors exist within the
    'mozilla::TrackUnionStream::EndTrack' implementation and Mesa when resizing
    a WebGL canvas.

  - Unspecified error in the browser engine can be exploited to corrupt memory.

  - An error within the 'gfxTextRun::ShrinkToLigatureBoundaries()' function.");

  script_tag(name:"summary", value:"Mozilla Firefox/Thunderbird/Seamonkey is prone to multiple vulnerabilities.");

  script_tag(name:"solution", value:"Upgrade to Mozilla Firefox version 18.0 or ESR version 17.0.1 or later, upgrade to SeaMonkey version to 2.15 or later,
  upgrade to Thunderbird version to 17.0.2 or ESR version 17.0.1 or later.");

  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("version_func.inc");

vers = get_kb_item("Mozilla/Firefox/MacOSX/Version");
esrvers = get_kb_item("Mozilla/Firefox-ESR/MacOSX/Version");
if(vers || esrvers) {
  if(version_is_less(version:vers, test_version:"18.0") ||
     version_is_equal(version:esrvers, test_version:"17.0.0"))
  {
    security_message( port: 0, data: "The target host was found to be vulnerable" );
    exit(0);
  }
}

vers = get_kb_item("SeaMonkey/MacOSX/Version");
if(vers) {
  if(version_is_less(version:vers, test_version:"2.15"))
  {
    security_message( port: 0, data: "The target host was found to be vulnerable" );
    exit(0);
  }
}

vers = get_kb_item("Thunderbird/MacOSX/Version");
esrvers = get_kb_item("Thunderbird-ESR/MacOSX/Version");
if(vers || esrvers) {
  if(version_is_less(version:vers, test_version:"17.0.2") ||
     version_is_equal(version:esrvers, test_version:"17.0.0"))
  {
    security_message( port: 0, data: "The target host was found to be vulnerable" );
    exit(0);
  }
}

Related

openvas 21
nessus 25
mozilla 2
ubuntucve 4
prion 4
seebug 3
cvelist 4
cve 4
suse 7
freebsd 1
securityvulns 1
ubuntu 4
gentoo 1
openvas
openvas
Mozilla Products Multiple Vulnerabilities-03 January13 (Windows)
2013-01-16 00:00:00
Mozilla Products Multiple Vulnerabilities-03 January13 (Mac OS X)
2013-01-16 00:00:00
Mozilla Products Multiple Vulnerabilities-03 (Jan 2013) - Windows
2013-01-16 00:00:00
nessus
nessus
Firefox < 17.0.1 Multiple Vulnerabilities (Mac OS X)
2013-01-15 00:00:00
Firefox ESR 17.x < 17.0.1 Multiple Vulnerabilities
2013-01-15 00:00:00
Mozilla Thunderbird < 17.0.2 Multiple Vulnerabilities
2013-01-15 00:00:00
mozilla
mozilla
Use-after-free and buffer overflow issues found using Address Sanitizer — Mozilla
2013-01-08 00:00:00
Miscellaneous memory safety hazards (rv:18.0/ rv:10.0.12 / rv:17.0.2) — Mozilla
2013-01-08 00:00:00
ubuntucve
ubuntucve
CVE-2013-0761
2013-01-09 00:00:00
CVE-2013-0771
2013-01-09 00:00:00
CVE-2013-0763
2013-01-09 00:00:00
prion
prion
Design/Logic Flaw
2013-01-13 20:55:00
Memory corruption
2013-01-13 20:55:00
Heap overflow
2013-01-13 20:55:00
seebug
seebug
Mozilla Firefox mozilla::TrackUnionStream::EndTrack堆释放后重用漏洞
2013-01-10 00:00:00
Mozilla Firefox Mesa堆释放后重用漏洞
2013-01-10 00:00:00
Mozilla Firefox gfxTextRun::ShrinkToLigatureBoundaries堆释放后重用漏洞
2013-01-10 00:00:00
cvelist
cvelist
CVE-2013-0761
2013-01-13 20:00:00
CVE-2013-0763
2013-01-13 20:00:00
CVE-2013-0771
2013-01-13 20:00:00
cve
cve
CVE-2013-0761
2013-01-13 20:55:00
CVE-2013-0763
2013-01-13 20:55:00
CVE-2013-0771
2013-01-13 20:55:00
suse
suse
Security update for MozillaFirefox (important)
2013-01-18 19:04:49
Security update for MozillaFirefox (important)
2013-02-13 23:04:32
Mozilla Januarys (important)
2013-01-23 14:04:54
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-01-08 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-01-10 00:00:00
ubuntu
ubuntu
Firefox regression
2013-01-22 00:00:00
Thunderbird vulnerabilities
2013-01-09 00:00:00
Firefox regression
2013-02-05 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-09-27 00:00:00

9.5 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

89.9%

JSON
Related for OPENVAS:1361412562310803203
openvas21nessus25mozilla2ubuntucve4prion4seebug3cvelist4cve4suse7freebsd1securityvulns1ubuntu4gentoo1