Lucene search
Copyright (C) 2011 Greenbone Networks GmbHOPENVAS:1361412562310850158HistoryJan 11, 2011 - 12:00 a.m.
SUSE: Security Advisory for MozillaFirefox, MozillaThunderbird, Seamonkey (SUSE-SA:2011:003)
2011-01-1100:00:00
Copyright (C) 2011 Greenbone Networks GmbH
plugins.openvas.org
23
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
10
Confidence
High
EPSS
0.458
Percentile
97.5%
The remote host is missing an update for the
# Copyright (C) 2011 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.850158");
script_version("2022-07-05T11:37:00+0000");
script_tag(name:"last_modification", value:"2022-07-05 11:37:00 +0000 (Tue, 05 Jul 2022)");
script_tag(name:"creation_date", value:"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_xref(name:"SUSE-SA", value:"2011-003");
script_cve_id("CVE-2010-0179", "CVE-2010-3766", "CVE-2010-3767", "CVE-2010-3768", "CVE-2010-3769", "CVE-2010-3770", "CVE-2010-3771", "CVE-2010-3772", "CVE-2010-3773", "CVE-2010-3774", "CVE-2010-3775", "CVE-2010-3776", "CVE-2010-3777", "CVE-2010-3778");
script_name("SUSE: Security Advisory for MozillaFirefox, MozillaThunderbird, Seamonkey (SUSE-SA:2011:003)");
script_tag(name:"summary", value:"The remote host is missing an update for the 'MozillaFirefox, MozillaThunderbird, Seamonkey'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2011 Greenbone Networks GmbH");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms", re:"ssh/login/release=(openSUSE11\.2|openSUSE11\.1|openSUSE11\.3)");
script_tag(name:"impact", value:"remote code execution");
script_tag(name:"affected", value:"MozillaFirefox, MozillaThunderbird, Seamonkey on openSUSE 11.1, openSUSE 11.2, openSUSE 11.3");
script_tag(name:"insight", value:"Mozilla Firefox was updated to update 3.6.13 to fix several security issues.
Also Mozilla Thunderbird and Seamonkey were updated on openSUSE.
The following security issues were fixed:
MFSA 2010-74: Mozilla developers identified and fixed several
memory safety bugs in the browser engine used in Firefox and other
Mozilla-based products. Some of these bugs showed evidence of memory
corruption under certain circumstances, and we presume that with enough
effort at least some of these could be exploited to run arbitrary code.
Jesee Ruderman, Andreas Gal, Nils, and Brian Hackett reported
memory safety problems that affected Firefox 3.6 and Firefox
3.5. CVE-2010-3776
Igor Bukanov reported a memory safety problem that was fixed in
Firefox 3.6 only. CVE-2010-3777
Jesse Ruderman reported a crash which affected Firefox 3.5 only. CVE-2010-3778
CVE-2010-3769: Dirk Heinrich reported that on Windows
platforms when document.write() was called with a very long string
a buffer overflow was caused in line breaking routines attempting
to process the string for display. Such cases triggered an invalid
read past the end of an array causing a crash which an attacker could
potentially use to run arbitrary code on a victim's computer.
CVE-2010-3771: Security researcher echo reported that
a web page could open a window with an about:blank location and then
inject an <isindex> element into that page which upon submission would
redirect to a chrome: document. The effect of this defect was that the
original page would wind up with a reference to a chrome-privileged
object, the opened window, which could be leveraged for privilege
escalation attacks.
Mozilla security researcher moz_bug_r_a4 provided proof-of-concept
code demonstrating how the above vulnerability could be used to run
arbitrary code with chrome privileges.
CVE-2010-3772: Security researcher wushi of team509
reported that when a XUL tree had an HTML <div> element nested inside a
<treechildren> element then code attempting to display content in the
XUL tree would incorrectly treat the <div> element as a parent node
to tree content underneath it resulting in incorrect indexes being
calculated for the child content. These incorrect indexes were used
in subsequent array operations which resulted in writing data past
the end of an allocated buffer. An attacker could use this issue to
crash a victim's browser and run arbitrary code on their machine.
CVE-2010-3768: Mozilla ...
Description truncated, please see the referenced URL(s) for more information.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "openSUSE11.2") {
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~3.6.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-branding-upstream", rpm:"MozillaFirefox-branding-upstream~3.6.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations-common", rpm:"MozillaFirefox-translations-common~3.6.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations-other", rpm:"MozillaFirefox-translations-other~3.6.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird", rpm:"MozillaThunderbird~3.0.11~0.5.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird-devel", rpm:"MozillaThunderbird-devel~3.0.11~0.5.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird-translations-common", rpm:"MozillaThunderbird-translations-common~3.0.11~0.5.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird-translations-other", rpm:"MozillaThunderbird-translations-other~3.0.11~0.5.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"enigmail", rpm:"enigmail~1.0.1~3.5.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-js192", rpm:"mozilla-js192~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191", rpm:"mozilla-xulrunner191~1.9.1.16~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-devel", rpm:"mozilla-xulrunner191-devel~1.9.1.16~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-gnomevfs", rpm:"mozilla-xulrunner191-gnomevfs~1.9.1.16~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-translations-common", rpm:"mozilla-xulrunner191-translations-common~1.9.1.16~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-translations-other", rpm:"mozilla-xulrunner191-translations-other~1.9.1.16~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192", rpm:"mozilla-xulrunner192~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-buildsymbols", rpm:"mozilla-xulrunner192-buildsymbols~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-devel", rpm:"mozilla-xulrunner192-devel~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-gnome", rpm:"mozilla-xulrunner192-gnome~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-common", rpm:"mozilla-xulrunner192-translations-common~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-other", rpm:"mozilla-xulrunner192-translations-other~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"python-xpcom191", rpm:"python-xpcom191~1.9.1.16~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~2.0.11~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~2.0.11~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-irc", rpm:"seamonkey-irc~2.0.11~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-venkman", rpm:"seamonkey-venkman~2.0.11~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-js192-32bit", rpm:"mozilla-js192-32bit~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-32bit", rpm:"mozilla-xulrunner191-32bit~1.9.1.16~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-gnomevfs-32bit", rpm:"mozilla-xulrunner191-gnomevfs-32bit~1.9.1.16~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-32bit", rpm:"mozilla-xulrunner192-32bit~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-gnome-32bit", rpm:"mozilla-xulrunner192-gnome-32bit~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-common-32bit", rpm:"mozilla-xulrunner192-translations-common-32bit~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-other-32bit", rpm:"mozilla-xulrunner192-translations-other-32bit~1.9.2.13~0.2.1", rls:"openSUSE11.2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "openSUSE11.1") {
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~3.6.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-branding-upstream", rpm:"MozillaFirefox-branding-upstream~3.6.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations-common", rpm:"MozillaFirefox-translations-common~3.6.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations-other", rpm:"MozillaFirefox-translations-other~3.6.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird", rpm:"MozillaThunderbird~3.0.11~0.6.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird-devel", rpm:"MozillaThunderbird-devel~3.0.11~0.6.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird-translations-common", rpm:"MozillaThunderbird-translations-common~3.0.11~0.6.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird-translations-other", rpm:"MozillaThunderbird-translations-other~3.0.11~0.6.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"enigmail", rpm:"enigmail~1.0.1~6.6.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-js192", rpm:"mozilla-js192~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191", rpm:"mozilla-xulrunner191~1.9.1.16~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-devel", rpm:"mozilla-xulrunner191-devel~1.9.1.16~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-gnomevfs", rpm:"mozilla-xulrunner191-gnomevfs~1.9.1.16~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-translations-common", rpm:"mozilla-xulrunner191-translations-common~1.9.1.16~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-translations-other", rpm:"mozilla-xulrunner191-translations-other~1.9.1.16~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192", rpm:"mozilla-xulrunner192~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-buildsymbols", rpm:"mozilla-xulrunner192-buildsymbols~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-devel", rpm:"mozilla-xulrunner192-devel~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-gnome", rpm:"mozilla-xulrunner192-gnome~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-common", rpm:"mozilla-xulrunner192-translations-common~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-other", rpm:"mozilla-xulrunner192-translations-other~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"python-xpcom191", rpm:"python-xpcom191~1.9.1.16~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~2.0.11~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~2.0.11~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-irc", rpm:"seamonkey-irc~2.0.11~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-venkman", rpm:"seamonkey-venkman~2.0.11~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-js192-32bit", rpm:"mozilla-js192-32bit~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-32bit", rpm:"mozilla-xulrunner191-32bit~1.9.1.16~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-gnomevfs-32bit", rpm:"mozilla-xulrunner191-gnomevfs-32bit~1.9.1.16~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-32bit", rpm:"mozilla-xulrunner192-32bit~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-gnome-32bit", rpm:"mozilla-xulrunner192-gnome-32bit~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-common-32bit", rpm:"mozilla-xulrunner192-translations-common-32bit~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-other-32bit", rpm:"mozilla-xulrunner192-translations-other-32bit~1.9.2.13~0.1.1", rls:"openSUSE11.1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "openSUSE11.3") {
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~3.6.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-branding-upstream", rpm:"MozillaFirefox-branding-upstream~3.6.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations-common", rpm:"MozillaFirefox-translations-common~3.6.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations-other", rpm:"MozillaFirefox-translations-other~3.6.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird", rpm:"MozillaThunderbird~3.0.11~0.5.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird-devel", rpm:"MozillaThunderbird-devel~3.0.11~0.5.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird-translations-common", rpm:"MozillaThunderbird-translations-common~3.0.11~0.5.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaThunderbird-translations-other", rpm:"MozillaThunderbird-translations-other~3.0.11~0.5.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"enigmail", rpm:"enigmail~1.0.1~4.5.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-js192", rpm:"mozilla-js192~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191", rpm:"mozilla-xulrunner191~1.9.1.16~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-devel", rpm:"mozilla-xulrunner191-devel~1.9.1.16~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-gnomevfs", rpm:"mozilla-xulrunner191-gnomevfs~1.9.1.16~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-translations-common", rpm:"mozilla-xulrunner191-translations-common~1.9.1.16~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-translations-other", rpm:"mozilla-xulrunner191-translations-other~1.9.1.16~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192", rpm:"mozilla-xulrunner192~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-buildsymbols", rpm:"mozilla-xulrunner192-buildsymbols~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-devel", rpm:"mozilla-xulrunner192-devel~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-gnome", rpm:"mozilla-xulrunner192-gnome~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-common", rpm:"mozilla-xulrunner192-translations-common~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-other", rpm:"mozilla-xulrunner192-translations-other~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"python-xpcom191", rpm:"python-xpcom191~1.9.1.16~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~2.0.11~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~2.0.11~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-irc", rpm:"seamonkey-irc~2.0.11~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-translations-common", rpm:"seamonkey-translations-common~2.0.11~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-translations-other", rpm:"seamonkey-translations-other~2.0.11~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-venkman", rpm:"seamonkey-venkman~2.0.11~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-js192-32bit", rpm:"mozilla-js192-32bit~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-32bit", rpm:"mozilla-xulrunner191-32bit~1.9.1.16~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner191-gnomevfs-32bit", rpm:"mozilla-xulrunner191-gnomevfs-32bit~1.9.1.16~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-32bit", rpm:"mozilla-xulrunner192-32bit~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-gnome-32bit", rpm:"mozilla-xulrunner192-gnome-32bit~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-common-32bit", rpm:"mozilla-xulrunner192-translations-common-32bit~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-xulrunner192-translations-other-32bit", rpm:"mozilla-xulrunner192-translations-other-32bit~1.9.2.13~0.2.1", rls:"openSUSE11.3"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
References
Related
nessus
nessus
openSUSE Security Update : seamonkey (seamonkey-3690)
2014-06-13 00:00:00
openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3689)
2011-05-05 00:00:00
openSUSE Security Update : MozillaFirefox (MozillaFirefox-3688)
2014-06-13 00:00:00
openvas
openvas
SuSE Update for MozillaFirefox,MozillaThunderbird,Seamonkey SUSE-SA:2011:003
2011-01-11 00:00:00
Mandriva Update for firefox MDVSA-2010:251-2 (firefox)
2010-12-28 00:00:00
Mandriva Update for firefox MDVSA-2010:251-2 (firefox)
2010-12-28 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-12-09 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thinderbird / Seamonkey multiple security vulnerabilities
2010-12-10 00:00:00
Mozilla Foundation Security Advisory 2010-74
2010-12-10 00:00:00
Mozilla Foundation Security Advisory 2010-82
2010-12-10 00:00:00
debian
debian
[BSA-013] Security Update for iceweasel
2011-01-02 19:45:28
[SECURITY] [DSA 2132-1] New xulrunner packages fix several vulnerabilities
2010-12-11 12:03:17
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2011-01-05 11:25:44
centos
centos
firefox security update
2011-01-27 08:53:21
seamonkey security update
2011-01-27 08:55:30
thunderbird security update
2011-01-27 08:58:08
fedora
fedora
[SECURITY] Fedora 13 Update: galeon-2.0.7-36.fc13
2010-12-10 20:25:42
[SECURITY] Fedora 14 Update: perl-Gtk2-MozEmbed-0.08-6.fc14.22
2010-12-10 20:27:49
[SECURITY] Fedora 13 Update: gnome-web-photo-0.9-15.fc13
2010-12-10 20:25:42
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2010-12-09 00:00:00
Thunderbird vulnerabilities
2010-12-09 00:00:00
oraclelinux
oraclelinux
firefox security update
2010-12-10 00:00:00
seamonkey security update
2010-12-10 00:00:00
thunderbird security update
2011-02-10 00:00:00
redhat
redhat
(RHSA-2010:0966) Critical: firefox security update
2010-12-09 00:00:00
(RHSA-2010:0967) Critical: seamonkey security update
2010-12-09 00:00:00
(RHSA-2010:0969) Moderate: thunderbird security update
2010-12-09 00:00:00
osv
osv
xulrunner - several vulnerabilities
2010-12-11 00:00:00
mozilla
mozilla
Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16) — Mozilla
2010-12-09 00:00:00
Incomplete fix for CVE-2010-0179 — Mozilla
2010-12-09 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:52:33
Arbitrary Code Execution
2020-04-10 00:52:31
Arbitrary Code Execution
2020-04-10 00:52:29
nvd
nvd
cvelist
cvelist
ubuntucve
ubuntucve
cve
cve
prion
prion
Design/Logic Flaw
2010-12-10 19:00:00
Buffer overflow
2010-12-10 19:00:00
Design/Logic Flaw
2010-12-10 19:00:00
zdi
zdi
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
10
Confidence
High
EPSS
0.458
Percentile
97.5%
Related for OPENVAS:1361412562310850158