Lucene search

K

Mozilla Firefox Security Advisory (MFSA2013-41) - Linux

🗓️ 11 Nov 2021 00:00:00Reported by Copyright (C) 2021 Greenbone Networks GmbHType 
openvas
 openvas
🔗 plugins.openvas.org👁 13 Views

This host is missing a security update for Mozilla Firefox, affecting versions below 21 on Linux

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
Mozilla
Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6) — Mozilla
14 May 201300:00
mozilla
NVD
CVE-2013-1669
16 May 201311:45
nvd
NVD
CVE-2013-0801
16 May 201311:45
nvd
UbuntuCve
CVE-2013-1669
14 May 201300:00
ubuntucve
UbuntuCve
CVE-2013-0801
14 May 201300:00
ubuntucve
CVE
CVE-2013-1669
16 May 201311:45
cve
CVE
CVE-2013-0801
16 May 201311:45
cve
Prion
Memory corruption
16 May 201311:45
prion
Prion
Memory corruption
16 May 201311:45
prion
Cvelist
CVE-2013-1669
16 May 201310:00
cvelist
Rows per page
# Copyright (C) 2021 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

CPE = "cpe:/a:mozilla:firefox";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.2.1.2013.41");
  script_cve_id("CVE-2013-0801", "CVE-2013-1669");
  script_tag(name:"creation_date", value:"2021-11-11 09:42:47 +0000 (Thu, 11 Nov 2021)");
  script_version("2021-11-15T10:47:05+0000");
  script_tag(name:"last_modification", value:"2021-11-15 10:47:05 +0000 (Mon, 15 Nov 2021)");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");

  script_name("Mozilla Firefox Security Advisory (MFSA2013-41) - Linux");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2021 Greenbone Networks GmbH");
  script_family("General");
  script_dependencies("gb_firefox_detect_lin.nasl");
  script_mandatory_keys("mozilla/firefox/linux/detected");

  script_xref(name:"Advisory-ID", value:"MFSA2013-41");
  script_xref(name:"URL", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2013-41/");
  script_xref(name:"URL", value:"https://bugzilla.mozilla.org/buglist.cgi?bug_id=803228,834526,791432,865948,821850,837324,814552,826392,826588,855236,819775,822910,837007,843434,821479,826104,854001");
  script_xref(name:"URL", value:"https://bugzilla.mozilla.org/buglist.cgi?bug_id=808402,787283,849597,866544,852315,864558");

  script_tag(name:"summary", value:"This host is missing a security update for Mozilla Firefox.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)
Mozilla developers identified and fixed several memory safety bugs in the
browser engine used in Firefox and other Mozilla-based products. Some of these
bugs showed evidence of memory corruption under certain circumstances, and we
presume that with enough effort at least some of these could be exploited to run
arbitrary code.");

  script_tag(name:"affected", value:"Firefox version(s) below 21.");

  script_tag(name:"solution", value:"The vendor has released an update. Please see the reference(s) for more information.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"executable_version_unreliable");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if (!infos = get_app_version_and_location(cpe: CPE, exit_no_version: TRUE))
  exit(0);

version = infos["version"];
location = infos["location"];

if (version_is_less(version: version, test_version: "21")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "21", install_path: location);
  security_message(port: 0, data: report);
  exit(0);
}

exit(99);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
11 Nov 2021 00:00Current
8.1High risk
Vulners AI Score8.1
EPSS0.087
13
.json
Report