Lucene search
Copyright (C) 2015 Greenbone Networks GmbHOPENVAS:1361412562310851132HistoryNov 10, 2015 - 12:00 a.m.
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:1942-1)
2015-11-1000:00:00
Copyright (C) 2015 Greenbone Networks GmbH
plugins.openvas.org
24
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.091 Low
EPSS
Percentile
94.6%
The remote host is missing an update for the
# Copyright (C) 2015 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.851132");
script_version("2023-11-02T05:05:26+0000");
script_tag(name:"last_modification", value:"2023-11-02 05:05:26 +0000 (Thu, 02 Nov 2023)");
script_tag(name:"creation_date", value:"2015-11-10 06:11:47 +0100 (Tue, 10 Nov 2015)");
script_cve_id("CVE-2015-4513", "CVE-2015-4514", "CVE-2015-4515", "CVE-2015-4518",
"CVE-2015-7181", "CVE-2015-7182", "CVE-2015-7183", "CVE-2015-7185",
"CVE-2015-7186", "CVE-2015-7187", "CVE-2015-7188", "CVE-2015-7189",
"CVE-2015-7190", "CVE-2015-7191", "CVE-2015-7192", "CVE-2015-7193",
"CVE-2015-7194", "CVE-2015-7195", "CVE-2015-7196", "CVE-2015-7197",
"CVE-2015-7198", "CVE-2015-7199", "CVE-2015-7200");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2017-11-04 01:29:00 +0000 (Sat, 04 Nov 2017)");
script_tag(name:"qod_type", value:"package");
script_name("openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:1942-1)");
script_tag(name:"summary", value:"The remote host is missing an update for the 'MozillaFirefox'
package(s) announced via the referenced advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Mozilla Firefox was updated to version 42.0, fixing bugs and security
issues. Mozilla xulrunner was updated to xulrunner 38.4.0. Seamonkey was
updated to 2.39.
New features in Mozilla Firefox:
* Private Browsing with Tracking Protection blocks certain Web elements
that could be used to record your behavior across sites
* Control Center that contains site security and privacy controls
* Login Manager improvements
* WebRTC improvements
* Indicator added to tabs that play audio with one-click muting
* Media Source Extension for HTML5 video available for all sites
Security fixes:
* MFSA 2015-116/CVE-2015-4513/CVE-2015-4514 Miscellaneous memory safety
hazards
* MFSA 2015-117/CVE-2015-4515 (bmo#1046421) Information disclosure through
NTLM authentication
* MFSA 2015-118/CVE-2015-4518 (bmo#1182778, bmo#1136692) CSP bypass due to
permissive Reader mode whitelist
* MFSA 2015-119/CVE-2015-7185 (bmo#1149000) (Android only) Firefox for
Android addressbar can be removed after fullscreen mode
* MFSA 2015-120/CVE-2015-7186 (bmo#1193027) (Android only) Reading
sensitive profile files through local HTML file on Android
* MFSA 2015-121/CVE-2015-7187 (bmo#1195735) disabling scripts in Add-on
SDK panels has no effect
* MFSA 2015-122/CVE-2015-7188 (bmo#1199430) Trailing whitespace in IP
address hostnames can bypass same-origin policy
* MFSA 2015-123/CVE-2015-7189 (bmo#1205900) Buffer overflow during image
interactions in canvas
* MFSA 2015-124/CVE-2015-7190 (bmo#1208520) (Android only) Android intents
can be used on Firefox for Android to open privileged files
* MFSA 2015-125/CVE-2015-7191 (bmo#1208956) (Android only) XSS attack
through intents on Firefox for Android
* MFSA 2015-126/CVE-2015-7192 (bmo#1210023) (OS X only) Crash when
accessing HTML tables with accessibility tools on OS X
* MFSA 2015-127/CVE-2015-7193 (bmo#1210302) CORS preflight is bypassed
when non-standard Content-Type headers are received
* MFSA 2015-128/CVE-2015-7194 (bmo#1211262) Memory corruption in libjar
through zip files
* MFSA 2015-129/CVE-2015-7195 (bmo#1211871) Certain escaped characters in
host of Location-header are being treated as non-escaped
* MFSA 2015-130/CVE-2015-7196 (bmo#1140616) JavaScript garbage collection
crash with Java applet
* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200 (bmo#1188010,
bmo#1204061, bmo#1204155) Vulnerabilities found through code inspection
* MFSA 2015-132/CVE-2015-7197 (bmo#1204269) Mixed content WebSocket policy
bypass through workers
* MFSA 2015-133/CVE-2015-7181/CVE-2015- ...
Description truncated, please see the referenced URL(s) for more information.");
script_tag(name:"affected", value:"MozillaFirefox, on openSUSE 13.2, openSUSE 13.1");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_xref(name:"openSUSE-SU", value:"2015:1942-1");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2015 Greenbone Networks GmbH");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms", re:"ssh/login/release=(openSUSE13\.2|openSUSE13\.1)");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "openSUSE13.2") {
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~42.0~50.4", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-branding-upstream", rpm:"MozillaFirefox-branding-upstream~42.0~50.4", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-buildsymbols", rpm:"MozillaFirefox-buildsymbols~42.0~50.4", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-debuginfo", rpm:"MozillaFirefox-debuginfo~42.0~50.4", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-debugsource", rpm:"MozillaFirefox-debugsource~42.0~50.4", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-devel", rpm:"MozillaFirefox-devel~42.0~50.4", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations-common", rpm:"MozillaFirefox-translations-common~42.0~50.4", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations-other", rpm:"MozillaFirefox-translations-other~42.0~50.4", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3", rpm:"libfreebl3~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-debuginfo", rpm:"libfreebl3-debuginfo~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3", rpm:"libsoftokn3~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-debuginfo", rpm:"libsoftokn3-debuginfo~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr", rpm:"mozilla-nspr~4.10.10~9.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debuginfo", rpm:"mozilla-nspr-debuginfo~4.10.10~9.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debugsource", rpm:"mozilla-nspr-debugsource~4.10.10~9.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-devel", rpm:"mozilla-nspr-devel~4.10.10~9.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss", rpm:"mozilla-nss~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs", rpm:"mozilla-nss-certs~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-debuginfo", rpm:"mozilla-nss-certs-debuginfo~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debuginfo", rpm:"mozilla-nss-debuginfo~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debugsource", rpm:"mozilla-nss-debugsource~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-devel", rpm:"mozilla-nss-devel~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit", rpm:"mozilla-nss-sysinit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-debuginfo", rpm:"mozilla-nss-sysinit-debuginfo~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-tools", rpm:"mozilla-nss-tools~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-tools-debuginfo", rpm:"mozilla-nss-tools-debuginfo~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~2.39~23.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-debuginfo", rpm:"seamonkey-debuginfo~2.39~23.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-debugsource", rpm:"seamonkey-debugsource~2.39~23.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~2.39~23.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-irc", rpm:"seamonkey-irc~2.39~23.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-translations-common", rpm:"seamonkey-translations-common~2.39~23.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-translations-other", rpm:"seamonkey-translations-other~2.39~23.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-32bit", rpm:"libfreebl3-32bit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-debuginfo-32bit", rpm:"libfreebl3-debuginfo-32bit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-32bit", rpm:"libsoftokn3-32bit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-debuginfo-32bit", rpm:"libsoftokn3-debuginfo-32bit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-32bit", rpm:"mozilla-nspr-32bit~4.10.10~9.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debuginfo-32bit", rpm:"mozilla-nspr-debuginfo-32bit~4.10.10~9.1", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-32bit", rpm:"mozilla-nss-32bit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-32bit", rpm:"mozilla-nss-certs-32bit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-debuginfo-32bit", rpm:"mozilla-nss-certs-debuginfo-32bit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debuginfo-32bit", rpm:"mozilla-nss-debuginfo-32bit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-32bit", rpm:"mozilla-nss-sysinit-32bit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-debuginfo-32bit", rpm:"mozilla-nss-sysinit-debuginfo-32bit~3.20.1~19.2", rls:"openSUSE13.2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "openSUSE13.1") {
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox", rpm:"MozillaFirefox~42.0~94.4", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-branding-upstream", rpm:"MozillaFirefox-branding-upstream~42.0~94.4", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-buildsymbols", rpm:"MozillaFirefox-buildsymbols~42.0~94.4", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-debuginfo", rpm:"MozillaFirefox-debuginfo~42.0~94.4", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-debugsource", rpm:"MozillaFirefox-debugsource~42.0~94.4", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-devel", rpm:"MozillaFirefox-devel~42.0~94.4", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations-common", rpm:"MozillaFirefox-translations-common~42.0~94.4", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"MozillaFirefox-translations-other", rpm:"MozillaFirefox-translations-other~42.0~94.4", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3", rpm:"libfreebl3~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-debuginfo", rpm:"libfreebl3-debuginfo~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3", rpm:"libsoftokn3~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-debuginfo", rpm:"libsoftokn3-debuginfo~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr", rpm:"mozilla-nspr~4.10.10~25.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debuginfo", rpm:"mozilla-nspr-debuginfo~4.10.10~25.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debugsource", rpm:"mozilla-nspr-debugsource~4.10.10~25.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-devel", rpm:"mozilla-nspr-devel~4.10.10~25.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss", rpm:"mozilla-nss~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs", rpm:"mozilla-nss-certs~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-debuginfo", rpm:"mozilla-nss-certs-debuginfo~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debuginfo", rpm:"mozilla-nss-debuginfo~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debugsource", rpm:"mozilla-nss-debugsource~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-devel", rpm:"mozilla-nss-devel~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit", rpm:"mozilla-nss-sysinit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-debuginfo", rpm:"mozilla-nss-sysinit-debuginfo~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-tools", rpm:"mozilla-nss-tools~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-tools-debuginfo", rpm:"mozilla-nss-tools-debuginfo~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~2.39~59.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-debuginfo", rpm:"seamonkey-debuginfo~2.39~59.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-debugsource", rpm:"seamonkey-debugsource~2.39~59.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~2.39~59.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-irc", rpm:"seamonkey-irc~2.39~59.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-translations-common", rpm:"seamonkey-translations-common~2.39~59.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"seamonkey-translations-other", rpm:"seamonkey-translations-other~2.39~59.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-32bit", rpm:"libfreebl3-32bit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libfreebl3-debuginfo-32bit", rpm:"libfreebl3-debuginfo-32bit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-32bit", rpm:"libsoftokn3-32bit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libsoftokn3-debuginfo-32bit", rpm:"libsoftokn3-debuginfo-32bit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-32bit", rpm:"mozilla-nspr-32bit~4.10.10~25.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nspr-debuginfo-32bit", rpm:"mozilla-nspr-debuginfo-32bit~4.10.10~25.1", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-32bit", rpm:"mozilla-nss-32bit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-32bit", rpm:"mozilla-nss-certs-32bit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-certs-debuginfo-32bit", rpm:"mozilla-nss-certs-debuginfo-32bit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-debuginfo-32bit", rpm:"mozilla-nss-debuginfo-32bit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-32bit", rpm:"mozilla-nss-sysinit-32bit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"mozilla-nss-sysinit-debuginfo-32bit", rpm:"mozilla-nss-sysinit-debuginfo-32bit~3.20.1~62.2", rls:"openSUSE13.1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
References
Related
nessus
nessus
openSUSE Security Update : MozillaFirefox / mozilla-nspr / mozilla-nss / etc (openSUSE-2015-718)
2015-11-10 00:00:00
FreeBSD : mozilla -- multiple vulnerabilities (9d04936c-75f1-4a2c-9ade-4c1708be5df9)
2015-11-20 00:00:00
Firefox < 42 Multiple Vulnerabilities (Mac OS X)
2015-11-05 00:00:00
kaspersky
kaspersky
KLA10689 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2015-11-03 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-11-03 00:00:00
suse
suse
openvas
openvas
Ubuntu: Security Advisory (USN-2785-1)
2015-11-05 00:00:00
Mozilla Firefox Multiple Vulnerabilities (Nov 2015) - Windows
2015-11-09 00:00:00
Mozilla Firefox Multiple Vulnerabilities (Nov 2015) - Mac OS X
2015-11-09 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2015-11-04 00:00:00
Thunderbird vulnerabilities
2015-12-01 00:00:00
NSS vulnerabilities
2015-11-04 00:00:00
archlinux
archlinux
firefox: multiple issues
2015-11-04 00:00:00
nss: arbitrary code execution
2015-11-06 00:00:00
mageia
mageia
Updated iceape packages fix security vulnerabilities
2015-11-17 00:36:58
Updated firefox, nspr, nss packages fix security vulnerability
2015-11-04 21:03:05
Updated thunderbird packages fix security vulnerability
2015-11-28 02:11:20
debian
debian
[SECURITY] [DSA 3393-1] iceweasel security update
2015-11-04 18:42:15
[SECURITY] [DSA 3410-1] icedove security update
2015-12-01 22:21:29
[SECURITY] [DLA 354-1] nss security update
2015-11-29 16:37:17
centos
centos
firefox security update
2015-11-04 15:58:03
thunderbird security update
2015-11-27 06:41:12
nspr, nss security update
2015-11-04 15:57:04
ibm
ibm
Security Bulletin: Vulnerability in libxml, openssh, PAM, Firefox, affects IBM SmartCloud Provisioning for IBM Software Virtual Appliance
2018-06-17 22:30:14
redhat
redhat
(RHSA-2015:1982) Critical: firefox security update
2015-11-04 00:00:00
(RHSA-2015:2519) Important: thunderbird security update
2015-11-26 00:00:00
(RHSA-2015:2068) Critical: nss, nss-util, and nspr security update
2015-11-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:43:40
Privilege Escalation
2019-05-02 05:43:39
Brute Force Attack
2019-05-02 05:43:40
oraclelinux
oraclelinux
firefox security update
2015-11-04 00:00:00
thunderbird security update
2015-11-27 00:00:00
nss, nss-util, and nspr security update
2015-11-04 00:00:00
slackware
slackware
[slackware-security] mozilla-nss
2015-11-06 17:08:58
mozilla
mozilla
NSS and NSPR memory corruption issues — Mozilla
2015-11-03 00:00:00
Vulnerabilities found through code inspection — Mozilla
2015-11-03 00:00:00
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4) — Mozilla
2015-11-03 00:00:00
f5
f5
amazon
amazon
Critical: nspr, nss-util, nss, jss
2015-11-05 01:58:00
symantec
symantec
SA119 : Multiple NSS Vulnerabilities
2016-03-22 08:00:00
osv
osv
nss - security update
2015-11-29 00:00:00
prion
prion
Design/Logic Flaw
2015-11-05 05:59:00
Memory corruption
2015-11-05 05:59:00
Buffer overflow
2015-11-05 05:59:00
ubuntucve
ubuntucve
cve
cve
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-12-30 00:00:00
debiancve
debiancve
CVE-2015-7181
2015-11-05 05:59:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.091 Low
EPSS
Percentile
94.6%
Related for OPENVAS:1361412562310851132