Lucene search
Mozilla Firefox Multiple Vulnerabilities -01 (Apr 2013) - Mac OS X
🗓️ 08 Apr 2013 00:00:00Reported by Copyright (C) 2013 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 34 Views
Mozilla Firefox Multiple Vulnerabilities -01 (Apr 2013) - Mac OS X. Multiple vulnerabilities in browser engine, buffer overflow in Maintenance Service, origin spoofing, untrusted search path, address bar validation error, integer signedness error, improper handling of color profiles
Show more
| Reporter | Title | Published | Views | Family All 199 |
|---|---|---|---|---|
 | Firefox < 20 Multiple Vulnerabilities | 4 Apr 201300:00 | – | nessus |
| Mozilla Thunderbird < 17.0.5 Multiple Vulnerabilities | 4 Apr 201300:00 | – | nessus |
| SeaMonkey < 2.17 Multiple Vulnerabilities | 4 Apr 201300:00 | – | nessus |
| Thunderbird < 17.0.5 Multiple Vulnerabilities (Mac OS X) | 4 Apr 201300:00 | – | nessus |
| Firefox < 20 Multiple Vulnerabilities (Mac OS X) | 4 Apr 201300:00 | – | nessus |
| SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7741) | 29 May 201300:00 | – | nessus |
| Mozilla Thunderbird ESR 17.x < 17.0.5 Multiple Vulnerabilities | 4 Apr 201300:00 | – | nessus |
| Firefox ESR 17.x < 17.0.5 Multiple Vulnerabilities | 4 Apr 201300:00 | – | nessus |
| SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8578) | 29 May 201300:00 | – | nessus |
| SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7741) | 29 May 201300:00 | – | nessus |
10
| Source | Link |
|---|---|
| securityfocus | www.securityfocus.com/bid/58828 |
| securityfocus | www.securityfocus.com/bid/58837 |
| securityfocus | www.securityfocus.com/bid/58818 |
| securityfocus | www.securityfocus.com/bid/58825 |
| secunia | www.secunia.com/advisories/52770 |
| securityfocus | www.securityfocus.com/bid/58826 |
| securityfocus | www.securityfocus.com/bid/58824 |
| securityfocus | www.securityfocus.com/bid/58836 |
| secunia | www.secunia.com/advisories/52293 |
| securityfocus | www.securityfocus.com/bid/58821 |
10
# SPDX-FileCopyrightText: 2013 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.803464");
script_version("2024-02-09T05:06:25+0000");
script_cve_id("CVE-2013-0788", "CVE-2013-0789", "CVE-2013-0791", "CVE-2013-0792",
"CVE-2013-0793", "CVE-2013-0794", "CVE-2013-0795", "CVE-2013-0797",
"CVE-2013-0799", "CVE-2013-0800");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2024-02-09 05:06:25 +0000 (Fri, 09 Feb 2024)");
script_tag(name:"creation_date", value:"2013-04-08 11:48:39 +0530 (Mon, 08 Apr 2013)");
script_name("Mozilla Firefox Multiple Vulnerabilities -01 (Apr 2013) - Mac OS X");
script_xref(name:"URL", value:"http://secunia.com/advisories/52770");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58818");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58819");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58821");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58824");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58825");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58826");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58827");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58828");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58835");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58836");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/58837");
script_xref(name:"URL", value:"http://secunia.com/advisories/52293");
script_xref(name:"URL", value:"https://bugzilla.mozilla.org/show_bug.cgi?id=825721");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2013 Greenbone AG");
script_family("General");
script_dependencies("gb_mozilla_prdts_detect_macosx.nasl");
script_mandatory_keys("Mozilla/Firefox/MacOSX/Version");
script_tag(name:"impact", value:"Successful exploitation will allow attackers to execute arbitrary code,
memory corruption, bypass certain security restrictions and compromise
a user's system.");
script_tag(name:"affected", value:"Mozilla Firefox version before 20.0 on Mac OS X");
script_tag(name:"insight", value:"- Unspecified vulnerabilities in the browser engine
- Buffer overflow in the Mozilla Maintenance Service
- Not preventing origin spoofing of tab-modal dialogs
- Untrusted search path vulnerability while handling dll files
- Improper validation of address bar during history navigation
- Integer signedness error in the 'pixman_fill_sse2' function in
'pixman-sse2.c' in Pixman
- Error in 'CERT_DecodeCertPackage' function in Mozilla Network Security
Services (NSS)
- Improper handling of color profiles during PNG rendering in
'gfx.color_management.enablev4'
- The System Only Wrapper (SOW) implementation does not prevent use of the
cloneNode method for cloning a protected node");
script_tag(name:"solution", value:"Upgrade to Mozilla Firefox version 20.0 or later.");
script_tag(name:"summary", value:"Mozilla Firefox is prone to multiple vulnerabilities.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
ffVer = get_kb_item("Mozilla/Firefox/MacOSX/Version");
if(ffVer)
{
if(version_is_less(version:ffVer, test_version:"20.0"))
{
report = report_fixed_ver(installed_version:ffVer, fixed_version:"20.0");
security_message(port: 0, data: report);
exit(0);
}
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo08 Apr 2013 00:00Current
7.1High risk
Vulners AI Score7.1
CVSS210
EPSS0.20476