Lucene search
Copyright (C) 2008 Greenbone AGOPENVAS:136141256231090014HistoryJun 17, 2008 - 12:00 a.m.
Mozilla Firefox, Thunderbird, Seamonkey: Multiple Vulnerabilities (MFSA2008-14) - Linux
2008-06-1700:00:00
Copyright (C) 2008 Greenbone AG
plugins.openvas.org
34
9.5 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.105 Low
EPSS
Percentile
94.9%
Mozilla Firefox, Thunderbird and Seamonkey are prone to multiple
vulnerabilities.
# SPDX-FileCopyrightText: 2008 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.90014");
script_version("2024-02-12T05:05:32+0000");
script_tag(name:"last_modification", value:"2024-02-12 05:05:32 +0000 (Mon, 12 Feb 2024)");
script_tag(name:"creation_date", value:"2008-06-17 20:22:38 +0200 (Tue, 17 Jun 2008)");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_cve_id("CVE-2008-1238", "CVE-2008-1240", "CVE-2008-1241", "CVE-2008-0412", "CVE-2008-0416");
script_name("Mozilla Firefox, Thunderbird, Seamonkey: Multiple Vulnerabilities (MFSA2008-14) - Linux");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 Greenbone AG");
script_family("General");
script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2008-14/");
script_tag(name:"summary", value:"Mozilla Firefox, Thunderbird and Seamonkey are prone to multiple
vulnerabilities.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"impact", value:"Mozilla contributors moz_bug_r_a4, Boris Zbarsky, and Johnny
Stenback reported a series of vulnerabilities which allow scripts from page content to run with
elevated privileges. moz_bug_r_a4 demonstrated additional variants of MFSA2007-25 and MFSA2007-35
(arbitrary code execution through XPCNativeWrapper pollution). Additional vulnerabilities reported
separately by Boris Zbarsky, Johnny Stenback, and moz_bug_r_a4 showed that the browser could be
forced to run JavaScript code using the wrong principal leading to universal XSS and arbitrary
code execution.");
script_tag(name:"solution", value:"All Users should upgrade to the latest versions of Firefox,
Thunderbird or Seamonkey.");
script_tag(name:"deprecated", value:TRUE); # This VT is broken in many ways...
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"executable_version");
exit(0);
}
exit(66);
Related
openvas
openvas
Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Windows)
2008-06-17 00:00:00
Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Linux)
2008-06-17 00:00:00
Ubuntu: Security Advisory (USN-592-1)
2009-03-23 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : firefox vulnerabilities (USN-592-1)
2008-03-28 00:00:00
FreeBSD : mozilla -- multiple vulnerabilities (12b336c6-fe36-11dc-b09c-001c2514716c)
2008-03-31 00:00:00
openSUSE 10 Security Update : seamonkey (seamonkey-5153)
2008-04-11 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2008-03-26 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Seamonkey multiple security vulnerabilities
2008-03-28 00:00:00
Mozilla Foundation Security Advisory 2008-13
2008-03-26 00:00:00
Mozilla Foundation Security Advisory 2008-16
2008-03-26 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-03-26 00:00:00
seebug
seebug
Mozilla Firefox字符编码跨站脚本漏洞
2008-05-23 00:00:00
Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.13版本修复多个安全漏洞
2008-03-31 00:00:00
cve
cve
ubuntucve
ubuntucve
prion
prion
Cross site scripting
2008-02-12 03:00:00
Code injection
2008-03-27 10:44:00
Cross site request forgery (csrf)
2008-03-27 10:44:00
mozilla
mozilla
Multiple XSS vulnerabilities from character encoding — Mozilla
2008-03-25 00:00:00
HTTP Referrer spoofing with malformed URLs — Mozilla
2008-03-25 00:00:00
XUL popup spoofing variant (cross-tab popups) — Mozilla
2008-03-25 00:00:00
veracode
veracode
Phishing Attack
2020-04-10 00:22:22
Access Control Bypass
2020-04-10 00:22:22
Arbitrary Code Execution
2020-04-10 00:19:44
suse
suse
remote code execution in MozillaFirefox
2008-04-04 15:01:05
debian
debian
[SECURITY] [DSA 1532-1] New xulrunner packages fix several vulnerabilities
2008-03-27 22:01:06
[SECURITY] [DSA 1534-1] New iceape packages fix several vulnerabilities
2008-03-28 13:48:02
[SECURITY] [DSA 1534-2] New iceape packages fix regression
2008-04-24 21:02:40
osv
osv
fedora
fedora
[SECURITY] Fedora 8 Update: devhelp-0.16.1-6.fc8
2008-03-26 17:14:06
[SECURITY] Fedora 7 Update: devhelp-0.13-15.fc7
2008-03-26 17:11:47
[SECURITY] Fedora 8 Update: gnome-python2-extras-2.19.1-13.fc8
2008-03-26 17:14:05
centos
centos
thunderbird security update
2008-04-10 17:03:24
firefox security update
2008-03-27 14:36:53
redhat
redhat
(RHSA-2008:0209) Moderate: thunderbird security update
2008-04-03 00:00:00
(RHSA-2008:0207) Critical: firefox security update
2008-03-26 00:00:00
oraclelinux
oraclelinux
firefox security update
2008-03-27 00:00:00
thunderbird security update
2008-04-03 00:00:00
9.5 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.105 Low
EPSS
Percentile
94.9%
Related for OPENVAS:136141256231090014