Debian Security Advisory DSA 1485-2 (icedove)

2008-03-19T00:00:00

Description

The remote host is missing an update to icedove announced via advisory DSA 1485-2.

{"id": "OPENVAS:60575", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 1485-2 (icedove)", "description": "The remote host is missing an update to icedove\nannounced via advisory DSA 1485-2.", "published": "2008-03-19T00:00:00", "modified": "2017-07-07T00:00:00", "epss": [{"cve": "CVE-2008-0417", "epss": 0.01275, "percentile": 0.84172, "modified": "2023-11-19"}, {"cve": "CVE-2008-0412", "epss": 0.09818, "percentile": 0.94231, "modified": "2023-11-19"}, {"cve": "CVE-2008-0419", "epss": 0.06421, "percentile": 0.92942, "modified": "2023-11-19"}, {"cve": "CVE-2008-0594", "epss": 0.02001, "percentile": 0.87585, "modified": "2023-11-19"}, {"cve": "CVE-2008-0593", "epss": 0.00561, "percentile": 0.75116, "modified": "2023-11-19"}, {"cve": "CVE-2008-0413", "epss": 0.15203, "percentile": 0.95299, "modified": "2023-11-19"}, {"cve": "CVE-2008-0418", "epss": 0.00955, "percentile": 0.81489, "modified": "2023-11-19"}, {"cve": "CVE-2008-0416", "epss": 0.00819, "percentile": 0.79896, "modified": "2023-11-19"}, {"cve": "CVE-2008-0592", "epss": 0.05966, "percentile": 0.92671, "modified": "2023-11-19"}, {"cve": "CVE-2008-0414", "epss": 0.01233, "percentile": 0.83879, "modified": "2023-11-19"}, {"cve": "CVE-2008-0415", "epss": 0.00694, "percentile": 0.77934, "modified": "2023-11-19"}, {"cve": "CVE-2008-0591", "epss": 0.02863, "percentile": 0.89656, "modified": "2023-11-19"}], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=60575", "reporter": "Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "immutableFields": [], "lastseen": "2017-07-24T12:49:43", "viewCount": 8, "enchantments": {"score": {"value": 1.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "centos", "idList": ["CESA-2008:0103", "CESA-2008:0104", "CESA-2008:0104-01", "CESA-2008:0105", "CESA-2008:0208", "CESA-2008:0208-01"]}, {"type": "cert", "idList": ["VU:309608", "VU:879056"]}, {"type": "cve", "idList": ["CVE-2007-3090", "CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1484-1:87969", "DEBIAN:DSA-1485-1:95345", "DEBIAN:DSA-1485-2:D3677", "DEBIAN:DSA-1489-1:68AB5", "DEBIAN:DSA-1506-1:BBA3D", "DEBIAN:DSA-1506-2:54D82"]}, {"type": "fedora", "idList": ["FEDORA:M1D4PHXM003988", "FEDORA:M1D4PHXN003988", "FEDORA:M1D4PHXO003988", "FEDORA:M1D4PHXP003988", "FEDORA:M1D4PHXQ003988", "FEDORA:M1D4PHXR003988", "FEDORA:M1D4PHXS003988", "FEDORA:M1D4PHXT003988", "FEDORA:M1D4PIXI003989", "FEDORA:M1D4PIXJ003989", "FEDORA:M1D4PIXK003989", "FEDORA:M1D4PIXL003989", "FEDORA:M1D4PIXM003989", "FEDORA:M1D4PIXN003989", "FEDORA:M1D4QHXF004158", "FEDORA:M1D559HS005482", "FEDORA:M1D559HT005482", "FEDORA:M1D559HU005482", "FEDORA:M1D559HV005482", "FEDORA:M1D559HW005482", "FEDORA:M1D559HX005482", "FEDORA:M1D559HY005482", "FEDORA:M1D559RM005480", "FEDORA:M1D559RN005480", "FEDORA:M1D559RO005480", "FEDORA:M1D559RP005480", "FEDORA:M1D559RQ005480", "FEDORA:M1D559RR005480", "FEDORA:M1D559RS005480", "FEDORA:M1D559RT005480", "FEDORA:M1D559RU005480", "FEDORA:M1DFACWB003439", "FEDORA:M1SLCPXW026397", "FEDORA:M1SLK2VB027437"]}, {"type": "freebsd", "idList": ["810A5197-E0D9-11DC-891A-02061B08FC24"]}, {"type": "gentoo", "idList": ["GLSA-200805-18"]}, {"type": "mozilla", "idList": ["MFSA2008-01", "MFSA2008-02", "MFSA2008-03", "MFSA2008-04", "MFSA2008-05", "MFSA2008-06", "MFSA2008-08", "MFSA2008-09", "MFSA2008-10", "MFSA2008-11", "MFSA2008-13"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-0103.NASL", "CENTOS_RHSA-2008-0104.NASL", "CENTOS_RHSA-2008-0105.NASL", "CENTOS_RHSA-2008-0208.NASL", "DEBIAN_DSA-1484.NASL", "DEBIAN_DSA-1485.NASL", "DEBIAN_DSA-1489.NASL", "DEBIAN_DSA-1506.NASL", "FEDORA_2008-1435.NASL", "FEDORA_2008-1459.NASL", "FEDORA_2008-1535.NASL", "FEDORA_2008-1669.NASL", "FEDORA_2008-2060.NASL", "FEDORA_2008-2118.NASL", "FREEBSD_PKG_810A5197E0D911DC891A02061B08FC24.NASL", "GENTOO_GLSA-200805-18.NASL", "MANDRIVA_MDVSA-2008-048.NASL", "MANDRIVA_MDVSA-2008-062.NASL", "MOZILLA_FIREFOX_20012.NASL", "MOZILLA_THUNDERBIRD_20012.NASL", "NETSCAPE_BROWSER_9006.NASL", "ORACLELINUX_ELSA-2008-0103.NASL", "ORACLELINUX_ELSA-2008-0104.NASL", "ORACLELINUX_ELSA-2008-0105.NASL", "ORACLELINUX_ELSA-2008-0208.NASL", "REDHAT-RHSA-2008-0103.NASL", "REDHAT-RHSA-2008-0104.NASL", "REDHAT-RHSA-2008-0105.NASL", "REDHAT-RHSA-2008-0208.NASL", "SEAMONKEY_118.NASL", "SLACKWARE_SSA_2008-061-01.NASL", "SL_20080207_FIREFOX_ON_SL4_X.NASL", "SL_20080207_SEAMONKEY_ON_SL3_X.NASL", "SL_20080207_THUNDERBIRD_ON_SL4_X.NASL", "SUSE_EPIPHANY-5102.NASL", "SUSE_MOZILLA-XULRUNNER-5118.NASL", "SUSE_MOZILLA-XULRUNNER-5123.NASL", "SUSE_MOZILLAFIREFOX-5001.NASL", "SUSE_MOZILLAFIREFOX-5002.NASL", "SUSE_MOZILLATHUNDERBIRD-5095.NASL", "SUSE_MOZILLATHUNDERBIRD-5098.NASL", "SUSE_SEAMONKEY-5011.NASL", "SUSE_SEAMONKEY-5012.NASL", "UBUNTU_USN-576-1.NASL", "UBUNTU_USN-582-1.NASL", "UBUNTU_USN-582-2.NASL", "UBUNTU_USN-592-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122612", "OPENVAS:136141256231060523", "OPENVAS:136141256231065196", "OPENVAS:1361412562310830624", "OPENVAS:1361412562310830675", "OPENVAS:1361412562310870023", "OPENVAS:1361412562310870039", "OPENVAS:1361412562310870044", "OPENVAS:1361412562310870047", "OPENVAS:1361412562310880017", "OPENVAS:1361412562310880022", "OPENVAS:1361412562310880036", "OPENVAS:1361412562310880054", "OPENVAS:1361412562310880131", "OPENVAS:1361412562310880136", "OPENVAS:1361412562310880157", "OPENVAS:1361412562310880161", "OPENVAS:1361412562310880164", "OPENVAS:1361412562310880191", "OPENVAS:1361412562310880203", "OPENVAS:1361412562310880228", "OPENVAS:1361412562310880270", "OPENVAS:1361412562310880271", "OPENVAS:1361412562310880295", "OPENVAS:136141256231090014", "OPENVAS:60362", "OPENVAS:60363", "OPENVAS:60364", "OPENVAS:60441", "OPENVAS:60456", "OPENVAS:60523", "OPENVAS:60615", "OPENVAS:61052", "OPENVAS:65196", "OPENVAS:830624", "OPENVAS:830675", "OPENVAS:840192", "OPENVAS:840238", "OPENVAS:840285", "OPENVAS:840287", "OPENVAS:850020", "OPENVAS:860051", "OPENVAS:860054", "OPENVAS:860105", "OPENVAS:860109", "OPENVAS:860127", "OPENVAS:860184", "OPENVAS:860212", "OPENVAS:860234", "OPENVAS:860269", "OPENVAS:860287", "OPENVAS:860306", "OPENVAS:860316", "OPENVAS:860415", "OPENVAS:860417", "OPENVAS:860429", "OPENVAS:860442", "OPENVAS:860467", "OPENVAS:860512", "OPENVAS:860538", "OPENVAS:860588", "OPENVAS:860601", "OPENVAS:860616", "OPENVAS:860637", "OPENVAS:860664", "OPENVAS:860679", "OPENVAS:860693", "OPENVAS:860714", "OPENVAS:860719", "OPENVAS:860787", "OPENVAS:860797", "OPENVAS:860802", "OPENVAS:860822", "OPENVAS:860857", "OPENVAS:860975", "OPENVAS:870023", "OPENVAS:870039", "OPENVAS:870044", "OPENVAS:870047", "OPENVAS:880017", "OPENVAS:880022", "OPENVAS:880036", "OPENVAS:880054", "OPENVAS:880131", "OPENVAS:880136", "OPENVAS:880157", "OPENVAS:880161", "OPENVAS:880164", "OPENVAS:880191", "OPENVAS:880203", "OPENVAS:880228", "OPENVAS:880270", "OPENVAS:880271", "OPENVAS:880295", "OPENVAS:90013", "OPENVAS:90014"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0103", "ELSA-2008-0104", "ELSA-2008-0105", "ELSA-2008-0208"]}, {"type": "osv", "idList": ["OSV:DSA-1484-1", "OSV:DSA-1485-2", "OSV:DSA-1489-1", "OSV:DSA-1506-1"]}, {"type": "redhat", "idList": ["RHSA-2008:0103", "RHSA-2008:0104", "RHSA-2008:0105", "RHSA-2008:0208"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:19033", "SECURITYVULNS:DOC:19034", "SECURITYVULNS:DOC:19035", "SECURITYVULNS:DOC:19036", "SECURITYVULNS:DOC:19037", "SECURITYVULNS:DOC:19038", "SECURITYVULNS:DOC:19039", "SECURITYVULNS:DOC:19040", "SECURITYVULNS:DOC:19041", "SECURITYVULNS:DOC:19042", "SECURITYVULNS:DOC:19515", "SECURITYVULNS:VULN:8648", "SECURITYVULNS:VULN:8838"]}, {"type": "seebug", "idList": ["SSV:2926", "SSV:3319"]}, {"type": "slackware", "idList": ["SSA-2008-061-01"]}, {"type": "suse", "idList": ["SUSE-SA:2008:008"]}, {"type": "ubuntu", "idList": ["USN-576-1", "USN-582-1", "USN-582-2", "USN-592-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-0412", "UB:CVE-2008-0413", "UB:CVE-2008-0414", "UB:CVE-2008-0415", "UB:CVE-2008-0416", "UB:CVE-2008-0417", "UB:CVE-2008-0418", "UB:CVE-2008-0419", "UB:CVE-2008-0591", "UB:CVE-2008-0592", "UB:CVE-2008-0593", "UB:CVE-2008-0594"]}, {"type": "veracode", "idList": ["VERACODE:23212", "VERACODE:23213", "VERACODE:23214", "VERACODE:23216", "VERACODE:23217", "VERACODE:23218", "VERACODE:23220", "VERACODE:23221", "VERACODE:23222"]}]}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2008:0103", "CESA-2008:0104", "CESA-2008:0104-01", "CESA-2008:0105", "CESA-2008:0208", "CESA-2008:0208-01"]}, {"type": "cert", "idList": ["VU:879056"]}, {"type": "cve", "idList": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1484-1:87969"]}, {"type": "fedora", "idList": ["FEDORA:M1D4PHXO003988"]}, {"type": "freebsd", "idList": ["810A5197-E0D9-11DC-891A-02061B08FC24"]}, {"type": "mozilla", "idList": ["MFSA2008-04"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-0208.NASL", "NETSCAPE_BROWSER_9006.NASL", "ORACLELINUX_ELSA-2008-0104.NASL", "ORACLELINUX_ELSA-2008-0208.NASL", "SL_20080207_THUNDERBIRD_ON_SL4_X.NASL", "SUSE_MOZILLA-XULRUNNER-5118.NASL", "UBUNTU_USN-582-2.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310880131", "OPENVAS:1361412562310880157", "OPENVAS:1361412562310880191", "OPENVAS:1361412562310880271", "OPENVAS:60363", "OPENVAS:860184", "OPENVAS:860857", "OPENVAS:860975", "OPENVAS:880164", "OPENVAS:880270"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0208"]}, {"type": "redhat", "idList": ["RHSA-2008:0105"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:19037", "SECURITYVULNS:DOC:19515"]}, {"type": "seebug", "idList": ["SSV:2926", "SSV:3319"]}, {"type": "slackware", "idList": ["SSA-2008-061-01"]}, {"type": "ubuntu", "idList": ["USN-592-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-0414", "UB:CVE-2008-0416", "UB:CVE-2008-0593"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2008-0417", "epss": "0.018810000", "percentile": "0.865990000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0412", "epss": "0.126510000", "percentile": "0.945290000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0419", "epss": "0.064210000", "percentile": "0.925420000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0594", "epss": "0.020010000", "percentile": "0.870590000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0593", "epss": "0.005660000", "percentile": "0.744060000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0413", "epss": "0.152030000", "percentile": "0.949330000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0418", "epss": "0.009550000", "percentile": "0.808640000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0416", "epss": "0.003740000", "percentile": "0.684830000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0592", "epss": "0.060130000", "percentile": "0.923210000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0414", "epss": "0.012330000", "percentile": "0.833010000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0415", "epss": "0.006940000", "percentile": "0.771090000", "modified": "2023-03-15"}, {"cve": "CVE-2008-0591", "epss": "0.028630000", "percentile": "0.891540000", "modified": "2023-03-15"}], "vulnersScore": 1.1}, "_state": {"dependencies": 1700428195, "score": 1700428594, "epss": 0}, "_internal": {"score_hash": "34f4110082ea42175df26f17d64f02e4"}, "pluginID": "60575", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1485_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1485-2 (icedove)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A regression has been fixed in icedove's frame handling code. For\nreference you can find the original update below:\n\nSeveral remote vulnerabilities have been discovered in the Icedove mail\nclient, an unbranded version of the Thunderbird client. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\nJesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\nNickerson discovered crashes in the layout engine, which might allow\nthe execution of arbitrary code.\n\nCVE-2008-0413\n\nCarsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown,\nPhilip Taylor and tgirmann discovered crashes in the Javascript\nengine, which might allow the execution of arbitrary code.\n\nCVE-2008-0415\n\nmoz_bug_r_a4 and Boris Zbarsky discovered discovered several\nvulnerabilities in Javascript handling, which could allow\nprivilege escalation.\n\nCVE-2008-0418\n\nGerry Eisenhaur and moz_bug_r_a4 discovered that a directory\ntraversal vulnerability in chrome: URI handling could lead to\ninformation disclosure.\n\nCVE-2008-0419\n\nDavid Bloom discovered a race condition in the image handling of\ndesignMode elements, which can lead to information disclosure or\npotentially the execution of arbitrary code.\n\nCVE-2008-0591\n\nMichal Zalewski discovered that timers protecting security-sensitive\ndialogs (which disable dialog elements until a timeout is reached)\ncould be bypassed by window focus changes through Javascript.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.5.0.13+1.5.0.15b.dfsg1-0etch2.\n\nThe Mozilla products in the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your icedove packages.\";\ntag_summary = \"The remote host is missing an update to icedove\nannounced via advisory DSA 1485-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201485-2\";\n\n\nif(description)\n{\n script_id(60575);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-03-19 20:30:32 +0100 (Wed, 19 Mar 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1485-2 (icedove)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-gnome-support\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-inspector\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}

{"debian": [{"lastseen": "2023-12-07T18:34:53", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1484-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 10, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : xulrunner\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594\n\nSeveral remote vulnerabilities have been discovered in Xulrunner, a\nruntime environment for XUL applications. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2008-0412\n\n Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\n Nickerson discovered crashes in the layout engine, which might allow\n the execution of arbitrary code.\n\nCVE-2008-0413\n\n Carsten Book, Wesley Garland, Igor Bukanov, "moz_bug_r_a4", "shutdown",\n Philip Taylor and "tgirmann" discovered crashes in the Javascript\n engine, which might allow the execution of arbitrary code.\n\nCVE-2008-0414\n\n "hong" and Gregory Fleisher discovered that file input focus\n vulnerabilities in the file upload control could allow information\n disclosure of local files.\n\nCVE-2008-0415\n\n "moz_bug_r_a4" and Boris Zbarsky discovered discovered several\n vulnerabilities in Javascript handling, which could allow\n privilege escalation.\n\nCVE-2008-0417\n\n Justin Dolske discovered that the password storage machanism could\n be abused by malicious web sites to corrupt existing saved passwords.\n\nCVE-2008-0418\n\n Gerry Eisenhaur and "moz_bug_r_a4" discovered that a directory\n traversal vulnerability in chrome: URI handling could lead to\n information disclosure.\n\nCVE-2008-0419\n\n David Bloom discovered a race condition in the image handling of\n designMode elements, which could lead to information disclosure or\n potentially the execution of arbitrary code.\n\nCVE-2008-0591\n\n Michal Zalewski discovered that timers protecting security-sensitive\n dialogs (which disable dialog elements until a timeout is reached)\n could be bypassed by window focus changes through Javascript.\n\nCVE-2008-0592\n\n It was discovered that malformed content declarations of saved\n attachments could prevent a user in the opening local files\n with a ".txt" file name, resulting in minor denial of service.\n\nCVE-2008-0593\n\n Martin Straka discovered that insecure stylesheet handling during\n redirects could lead to information disclosure.\n\nCVE-2008-0594\n\n Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing\n protections could be bypassed with <div> elements.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.8.0.15~pre080131b-0etch1.\n\nThe old stable distribution (sarge) doesn't contain xulrunner.\n\nWe recommend that you upgrade your xulrunner packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b.orig.tar.gz\n Size/MD5 checksum: 42973580 d79eb23c39acecdd77b75e21f60f1ed7\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1.dsc\n Size/MD5 checksum: 1984 3be3e9cea71684c38875204f26b4991f\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131a-0etch1.dsc\n Size/MD5 checksum: 1984 51d5d15af381b1cb1c7a53b86403eaaa\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1.diff.gz\n Size/MD5 checksum: 146050 71b08cb7e88e9979cc95f8b266f32314\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131a.orig.tar.gz\n Size/MD5 checksum: 42937342 47a9192461a2810f3c723886f7eca283\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131a-0etch1.diff.gz\n Size/MD5 checksum: 145864 b0e482844e8b0868b8897a6800e77975\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul-dev_1.8.0.15~pre080131a-0etch1_all.deb\n Size/MD5 checksum: 2633898 2c0c7ae96e9278637bb81af28fd7f925\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul-dev_1.8.0.15~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 2634120 2387467e43b34edc7e5bdabd0cd5f756\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul-common_1.8.0.15~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 1050378 ffe37ceeea4eda6261b77d25ec6b3f38\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.8.0.15~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 176062 af6d7a398fb5eabbc9f581d0c8c7f7ed\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-dev_1.8.0.15~pre080131a-0etch1_all.deb\n Size/MD5 checksum: 230070 83c168fa21244c230c0d2df159626bb9\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-dev_1.8.0.15~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 206794 de905a84614b3cb44f5fd54ebd416e2d\n http://security.debian.org/pool/updates/main/x/xulrunner/libsmjs1_1.8.0.15~pre080131a-0etch1_all.deb\n Size/MD5 checksum: 35414 b45b2ef1471867ca5c446023c7a46c3f\n http://security.debian.org/pool/updates/main/x/xulrunner/libsmjs-dev_1.8.0.15~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 35822 1dc6f6b43e6cc7c38acd8943ef86d697\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul-common_1.8.0.15~pre080131a-0etch1_all.deb\n Size/MD5 checksum: 1050002 52eec73387a5e36a5ffe8cbb5e7f3203\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.8.0.15~pre080131a-0etch1_all.deb\n Size/MD5 checksum: 1029292 81006ec854a8834da8e113c63e176d9a\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.8.0.15~pre080131a-0etch1_all.deb\n Size/MD5 checksum: 175770 eb3affe3c479e8bf3005d586ce56fb5e\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-dev_1.8.0.15~pre080131a-0etch1_all.deb\n Size/MD5 checksum: 206536 37919c2a5d4ca2c021e09a7dfab052f1\n http://security.debian.org/pool/updates/main/x/xulrunner/libsmjs1_1.8.0.15~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 35784 dc71cd4970b2cb41d13e39d03936a61a\n http://security.debian.org/pool/updates/main/x/xulrunner/libsmjs-dev_1.8.0.15~pre080131a-0etch1_all.deb\n Size/MD5 checksum: 35450 30ac22d7e6fef1e1e3c39ff95bdf7951\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.8.0.15~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 1029436 8acd28a5da001860fb32d956a0c88c45\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-dev_1.8.0.15~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 230362 1ca1b510e995e263ed9354e66f4528eb\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 300982 48d43a6cfd1600028589560d7b040265\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 291128 3b4dcdb6e4ecd609a1c6056b728ca288\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 906354 4feeaee98fdb8d5f56860bcf94954564\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 3186292 2557eac0d85c069fcfdb5830f1f75590\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 764336 cd2af94cc30bed1ee9cd2327d2589143\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 385230 25c81071ee590a4eae5ac7555986acce\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 7329400 fb6d733eddc6bfbdfbb6193f4f65310f\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 130240 162aefa99f09b206ae7f3a3d1f420699\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 45948622 3426f00b33d6097ee98f3fc09495a1c9\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 52342 e1cc8197d761872f98e5992d5aa8fee6\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 738446 ab60bbfa0fd9530d9bce9fa3c93376b6\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 70402 0cec5fa10dcb21a2378a9f0e7c8f189d\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 161168 f46b0777b133822c5c5ad389829d0194\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 753432 c8c962830a17b8ab975d8aeef960e803\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 147500 b37b5d6a85d991db43a18c6c94bbcf8c\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 68282 35d18dd0fdbc3948e696a6fe4d12afc1\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 45145750 59972f75638dbd035a86341b39f79832\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 303680 69dec62893e18e9dda4ef28f9832ee7c\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 276986 650983885aaef6ba70dda601b07d8ecb\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 45147940 ec7a996914e129b796acfcb86abac487\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 125210 c50e21bfbf2edfc9277c67caa0ac163b\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 808142 9f8593791ce1752eefafc9ec88c5dcd4\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 3174014 7426545d5a3f56ce648019a76d8c0867\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 303446 73757ffad29d0a1e742711fbda071665\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 51678 84e1b4e4747b081883c05d825b88a36a\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 3173420 ca68b574627a63924fb19ebca8c672c4\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 354378 9e67f3e42f33ca7a5e44a0544b92b4ec\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 669282 1ad49fa8d4698bac3b0f6bd7886bbe30\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 808492 a99f3db09934b7bdd3e00ebe81889f66\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 6327570 c17bfaef24a64d8d0cb8c730dc023baf\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 52062 7de4f3fe458386edce1c1e832476e64e\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 124804 1005cc5d3d6f505d6a303db0f179cf4d\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 147864 6e083997dd2452e26982fc0dd2c8e719\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 752848 2ea7f2567a7ca60fa4476dea03241278\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 6328008 7b8f4db75a18132fac5b103d12d81d3c\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 669644 6587efbb34209f66048072eb052ab833\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 354708 041297ad5a40f025fef6c235a94afb43\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 277434 7fa6328b4d0d66fcd1b1908fcfe5fe9f\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131a-0etch1_amd64.deb\n Size/MD5 checksum: 67946 44d5fc415eb1d43b6869523926747738\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 49456 22e65d343a41af6443408bc0223992eb\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 135634 17f99aa17baaceb02a769fdeda294cd0\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 324576 7521322a51ac65c32c8e67f8a2095ef0\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 44664474 fbff4a59f8b2034fb108fef12a6c12ae\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 117832 5496f9db06bb197885ae1ff7371daed0\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 730656 c2a86cce88556d00553cd703cfd2c12f\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 2968402 4e5ba6e87b2fb6967b4f821680b64a58\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 5355970 369f8776b78c73b6db7d51fb46850e62\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 61692 b9a3d7e1b32e271a25b7b2b8173e0f33\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 258892 49d11772c74e03931100e9d02f23f35d\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 593128 9e31d92168b146532d07a21e6bc7bdfd\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 289292 0f902cb061feaf34cee6e60d46e6ef47\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 703358 6649a66e3c628d932de2345a4ecef221\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 710732 397aa33947cc7f0da183ac261274ffa3\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 295572 b6e2e388939b49af9a396debf1e90b66\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 627208 8048ec98892b5cebeb7e17a55b9a7d6f\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 62710 89595874bc60ef85b36270580e20613b\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 5368326 f7664ccc035943f851f01e3992681b5d\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 44624964 770c4b5ad23a1d6f200425a564f84e45\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 49588 023481e8c7f2e78e11561a040a3a1693\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 116676 a9e74b2ae216480367d0c8bafae57054\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 266700 fbbf2519f94a17ed2427a5dbf916c784\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 741590 a205d2bdc8889cd78c1adb8c99804f28\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 334708 944e8037955e913e0c8157c3257d71a6\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 3032758 663e70e607fa567760f68362da20b19a\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 138698 cc1fcfeef25b88a8b94ed853c0af67ad\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 56574 0bbeccb1ce17be00a8887e0902829e0f\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 531052 770b95f6a5e30262b102bb04a684dadb\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 286474 7932d0a227db4dbed963bab2b38890b0\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 45357506 339751b77c0e193d43f016b46eca0635\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 197948 30bffc4adc86f7e49292c145a0ef455e\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 9663880 e103905d48fa01fe650323a522ff6954\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 79762 b789747fdbf8b08dea00a16ebb6f924c\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 3051164 28f374f15fecccd28bea59064b0c52fd\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 936678 692aa35342cbbfb656cdd43a0f355ab3\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 755838 e55303e75fa0dcaab2c893eebd7695fa\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 1121196 4f382bd65f60b39c17e6e66faeb4108a\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 332634 5ec04e80c91099cd2dde29047316244a\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 149144 15ebb931cd15a83f4fb539e22982cd39\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 784330 e89bba3330bc0a61ad525e165819e69e\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 311760 351292979a7488097b17f907a1e92820\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 808276 ee9acac231e6fff310ceb0c626c6d1cb\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 351380 06ecbda29c2cea54510c941b6ed31134\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 118024 049421e624a450aada091b2d07ba70ba\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 145710 14c35662677be2aed778ee7400c2c79b\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 274308 7c68191e462f1460927c7be8bdb7e182\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 669768 557b80e4f86e977f42b9e2b996880a86\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 46687762 ef81d10fea89271a855e01b334833717\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 3289098 054cae9b445a045e43c12dfc93cd3356\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 50716 e733f66563d7bb1f764e7c34709fda37\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 63434 3a69abf92a663bfe95f684ccefe4983f\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 5944088 e08a07f98ed2adeaa9e74a4e0a7d213c\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 273732 fe3e41fc6cbe013c8262215834a28119\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 304800 50416b404580e7188876d94d8eb9015c\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 3186108 070e831b5104759d2803b16ecddb17da\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 5739368 0eccc3edddac7afaa2cf484c4469aaf7\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 349968 1bc48c752746f6f2c34a60b22fdb38ee\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 669626 55f71a4cfd9ac9ba5a091a3dd41d268a\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 64012 9353c1b44e4ee9f494d8478c11573fb5\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 51284 b6312a4640f0d138871ba08df9f948fc\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 117726 da80f2a5b2c8c8192351d017cd9b0d68\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 765160 9cbf5e4f1e664a282a8d76ce8bad69a2\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 784644 8b52671434cb8e15818eb13d33bc665e\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 145286 3adcf75154f79421081e4d18d59d22d6\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 45292438 ca6193ec62287b980a58a711d62cffcc\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 52536 a9ec3762768c9ad67ed70b7a8cd6edc0\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 639322 7e0aa68f51162bf3d5597954e66c7385\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 310200 36d405b11f1cd0ace489150394d741bd\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 63916 03451c765e218e3548a5dc2d53f1a2e8\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 772648 4ea5bdf6b37ff7832948ac76e5766139\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 348628 8da80d959e39efee0e5cd20251cc39bb\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 277876 8bb9e0b00e4f46c07ad604b45a4f4eeb\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 147032 78d723c27aafbdd33e83901d13722a14\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 46874596 f2e11607412d686b798f878361deeeff\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 6099098 50dde844e2f1fae3452307098a12d08c\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 3207150 5428a19c432e674817b061b5e31e1f02\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 809362 45fa89e5a2af0c2dcbeadc06c27bd36a\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 123126 754648cbc07a2cc987321d68d6a78b3f\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 281618 1bd2653b2fd2113706d81b02b150a560\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 755162 dcbac1d2a435ff374aa305aad5f72464\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 371488 d6ea73f2efa87c87f32401998a7f99ea\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 898132 011e5bed5cb5d4f2a457882938acae81\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 305854 22d76ea19b1920a5a2572ae1a497d983\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 3180818 62b62889a169b71c07ca3d03f35704d1\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 52772 4c8f071150c61fbb402cbd891dd6ac66\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 68908 0ede3f190162f44e8b70aad56daa6229\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 687716 30847b7306c14e25b498e73e9fd7dd0a\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 126058 795a33ce780ebae00a31998d0ef37057\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 159618 573178b3a9c6d426ee31178d5a129c35\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 6801218 5824b818bb24185d2313f4bc21d61a7c\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 46003092 8cbe685cb014f00d9ad20320166c84de\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 135832 e9fb59db7db4cf8115b0f0c31e9fa02d\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 2853772 1a5ba8494429e218af457c41e386ffa4\n http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 117874 e0f3af0c4ad032d8733ecdbcbde742bd\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 718812 26e1bcaa5c6e9c8ba33bf38ba9ca5094\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 260112 3a376a641bcd399fa7edfd6aeeda02a6\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 5676820 6ef1646cdaaa3f92b27a9f1e5fee2ae4\n http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 44719838 da7ac96f4867146786a4e4c0d6394aa3\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 673966 23dd041a33c8358ef3670e572ad35b2d\n http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 322360 b1495cfeabbb859be0ad55779ba90d04\n http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 50658 52359135ca3b9e3304de344c671ee659\n http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 283234 7675926943bd9f7d5f296c5360bae2c3\n http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 62208 52394124b19e044fe376363c82fce3b4\n http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 585246 26a306c978adab161746d1ba6d4d0f2a\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2008-02-10T20:23:48", "type": "debian", "title": "[SECURITY] [DSA 1484-1] New xulrunner packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594"], "modified": "2008-02-10T20:23:48", "id": "DEBIAN:DSA-1484-1:87969", "href": "https://lists.debian.org/debian-security-announce/2008/msg00049.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T18:35:04", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1485-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 10, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : icedove\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594\n\nSeveral remote vulnerabilities have been discovered in the Icedove mail\nclient, an unbranded version of the Thunderbird client. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\n Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\n Nickerson discovered crashes in the layout engine, which might allow\n the execution of arbitrary code.\n\nCVE-2008-0413\n\n Carsten Book, Wesley Garland, Igor Bukanov, "moz_bug_r_a4", "shutdown",\n Philip Taylor and "tgirmann" discovered crashes in the Javascript\n engine, which might allow the execution of arbitrary code.\n\nCVE-2008-0415\n\n "moz_bug_r_a4" and Boris Zbarsky discovered discovered several\n vulnerabilities in Javascript handling, which could allow\n privilege escalation.\n\nCVE-2008-0418\n\n Gerry Eisenhaur and "moz_bug_r_a4" discovered that a directory\n traversal vulnerability in chrome: URI handling could lead to\n information disclosure.\n\nCVE-2008-0419\n\n David Bloom discovered a race condition in the image handling of\n designMode elements, which can lead to information disclosure or\n potentially the execution of arbitrary code.\n\nCVE-2008-0591\n\n Michal Zalewski discovered that timers protecting security-sensitive\n dialogs (which disable dialog elements until a timeout is reached)\n could be bypassed by window focus changes through Javascript.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.5.0.13+1.5.0.15b.dfsg1-0etch1.\n\nThe Mozilla products in the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your icedove packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.dsc\n Size/MD5 checksum: 1934 47d17cda0ae1ec315855f996e37a0ee2\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1.orig.tar.gz\n Size/MD5 checksum: 35174191 b1a02873d5e320b1a208dbffc256baee\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15a.dfsg1-0etch1.diff.gz\n Size/MD5 checksum: 639864 5019118913d1598ea534ff58814a8fad\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.diff.gz\n Size/MD5 checksum: 640166 c8a2dd2880fd468314e00a3dcdc9713a\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15a.dfsg1-0etch1.dsc\n Size/MD5 checksum: 1934 0277c98ec500cb111c9037b4acd46f37\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15a.dfsg1.orig.tar.gz\n Size/MD5 checksum: 35154860 50acd2143692a17a3726020c79efd792\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 29070 3d934b7f3583e3a04a0bd193e45a3fa6\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 29054 75b83c322479e095016108453ff7e862\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15a.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 28752 207210cf6c217aedb2f0f08a087a4038\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 29060 156f796fe78bbebda0b7e25fcf5dbe54\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-typeaheadfind_1.5.0.13+1.5.0.15a.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 28750 6082bb3816ce8c712db07c261b663d9b\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 29074 b98a074d7074c155a6ba1df263419376\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird_1.5.0.13+1.5.0.15a.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 28710 5262c9e6077043df59f04ac2c9cf76bd\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 29042 620536610d06e9062eb8760cde3d990c\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 29050 ce479eb792bfef00ae3161fd0d157a61\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-gnome-support_1.5.0.13+1.5.0.15a.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 28742 bdfa53f9153d29f2c09fc92992768505\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 29072 cbae212a095f4aac3b30443328b5ad85\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 29066 70d41408a7964be8d214b83c52f873d8\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 29048 6665f3ce45a1c320dd55891bceb16f14\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-dbg_1.5.0.13+1.5.0.15a.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 28720 0652a52573e32d8643c8fe56d6d4422c\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 29032 32015cf440db3318d6459f6c60a17792\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-inspector_1.5.0.13+1.5.0.15a.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 28738 f5e76fde9c0fa999976c25de142e2933\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15a.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 28752 80f05dce795e06a217831b3b49a98ea5\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird_1.5.0.13+1.5.0.15a.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 28726 78fa3b134bcc31bfe0d76f2c2822b9a7\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15a.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 28740 ab949d37a07944176d49a17bd6452915\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-dev_1.5.0.13+1.5.0.15a.dfsg1-0etch1_all.deb\n Size/MD5 checksum: 28728 2005767e5f5393b4d0cbebf5ba65858d\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_alpha.deb\n Size/MD5 checksum: 13477574 3586070804bea29285203c0d710a918f\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_alpha.deb\n Size/MD5 checksum: 201020 a3860a5f8ea5df9b1550f1b91a489282\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_alpha.deb\n Size/MD5 checksum: 52680 1845988f3eefd9eb4a4f1ff0ae579442\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_alpha.deb\n Size/MD5 checksum: 64830 1927b164d0d1de06860412201c70cbad\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_alpha.deb\n Size/MD5 checksum: 3959656 dfc28dccc2e40374cfad1ef967dba6af\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_alpha.deb\n Size/MD5 checksum: 52398982 dbfb06787432361c6c6b29db01797658\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 61508 7a29b7ebb0148d1dc10cf3184791de68\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15a.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 51479238 7546f24646bab864f479ea32fac82a5c\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 3678346 7f2501ff09f24d2a4fa384d531969897\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 51479136 f56252c61054eae347480d45fb3e845f\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 196082 ff2443c7df9dff331f9f54050c191a88\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 52482 63a6d9b1e0d24dd0c19ba12472a353df\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15a.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 52126 18ad28ac6de6ec10a0b1c7f0d4c12400\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15a.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 3678234 4b53c36eadec973ac33961e5742b66bb\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15a.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 12175876 ef4f2cb4f8c6fea463fd1afd312a81bc\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 12176086 2ccb02753ddc07f672554b7cb0fcfc86\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15a.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 195766 cb0743a07f4c39a03e373a01006d035d\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15a.dfsg1-0etch1_amd64.deb\n Size/MD5 checksum: 61202 07ee675ef4abe42c7a815328838117bd\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_arm.deb\n Size/MD5 checksum: 190188 d49cdf38bf863bb4474eb59012fcb93f\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_arm.deb\n Size/MD5 checksum: 59164 ca8d2f5c2675ecff0d0523020c186beb\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_arm.deb\n Size/MD5 checksum: 3921168 aff4bbe777f2d3218884bf11ca7d903f\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_arm.deb\n Size/MD5 checksum: 50840516 be399e7f6a6c757dbc19f6fc940c2bab\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_arm.deb\n Size/MD5 checksum: 47460 ef2213d60c4639700568a4e46cd69823\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_arm.deb\n Size/MD5 checksum: 10890196 3470ed870a82c96f0723fb1bd2f4be82\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_hppa.deb\n Size/MD5 checksum: 198992 e81f2d89f597b911fe0039f376cb6071\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_hppa.deb\n Size/MD5 checksum: 65160 8aaeb868e5deba710ebcef667d6bc0d2\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_hppa.deb\n Size/MD5 checksum: 13608366 e4467458a79b80c599043a5031399129\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_hppa.deb\n Size/MD5 checksum: 3687204 32e6df9922d3c3e9e3c30c59cd0d89d8\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_hppa.deb\n Size/MD5 checksum: 53822 227f6e6ed89384579939a71b513c654c\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_hppa.deb\n Size/MD5 checksum: 52304678 22339033b10f9f7cc264f1d1b6f49a39\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_i386.deb\n Size/MD5 checksum: 50739726 8d281ab2f28aa46d2f45cabf38bbf5b6\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_i386.deb\n Size/MD5 checksum: 58468 94da561a6c16dd61b4d67c5454bde263\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_i386.deb\n Size/MD5 checksum: 10908248 b074acc60f11fe65f51123835aaf6563\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_i386.deb\n Size/MD5 checksum: 48492 75b5a0dd4fb0eb5356447aadf473dd88\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_i386.deb\n Size/MD5 checksum: 3674908 3f714044ed45a0865cae0ee8a3afbbfe\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_i386.deb\n Size/MD5 checksum: 191110 4bc9512a954cd2a1959f222e58410f13\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_ia64.deb\n Size/MD5 checksum: 74540 b94103c0acece46ae23b9a4184559ba0\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_ia64.deb\n Size/MD5 checksum: 205164 4e4cc75611d4c426bf3853f5b5fc913f\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_ia64.deb\n Size/MD5 checksum: 16555710 a753acd40202db1505db475a2b07f864\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_ia64.deb\n Size/MD5 checksum: 51782076 90f6f1d609fc6bb1da002042c4176144\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_ia64.deb\n Size/MD5 checksum: 59892 114f7dab7046fd2b829ee73c11673ffd\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_ia64.deb\n Size/MD5 checksum: 3727334 ac550246f7050e9e990cab2b41e8e307\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mips.deb\n Size/MD5 checksum: 58660 37b7e382b913d32fd45b56a900144fa9\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mips.deb\n Size/MD5 checksum: 48156 0506a2b5cf3217a0166604642cb3fc0e\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mips.deb\n Size/MD5 checksum: 11605890 bc3cbfe3c00029a23b8c534eb095293e\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mips.deb\n Size/MD5 checksum: 3947208 37c2f220a567efc7bf857ff663a14eaa\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mips.deb\n Size/MD5 checksum: 53115496 16d60f83edc41d2013b2b2e4c7688dce\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mips.deb\n Size/MD5 checksum: 192834 fba067d4a1f28460717326ab9ae587a4\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mipsel.deb\n Size/MD5 checksum: 3682680 b15523a9b11e167180ce538c22dc7e8e\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mipsel.deb\n Size/MD5 checksum: 59106 9251493e24dd6caf9492a190e1369273\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mipsel.deb\n Size/MD5 checksum: 11359948 600b1ca471f3a5a2daac335e6ed65107\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mipsel.deb\n Size/MD5 checksum: 49440 ab77a977ef3502f4757a2323659cded3\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mipsel.deb\n Size/MD5 checksum: 51683256 51f5272cb9f400636744ab6ff2c8ce12\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_mipsel.deb\n Size/MD5 checksum: 192436 86101919ad16ae491d06c0f83060f0d1\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_powerpc.deb\n Size/MD5 checksum: 60886 a9424e09ad82b64db9d1d65bbd7556d5\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_powerpc.deb\n Size/MD5 checksum: 50054 52f349cfd8a85b106c706327762b81a8\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_powerpc.deb\n Size/MD5 checksum: 193124 b58c8e8eb9b6d1b2be4f8aa0fd779914\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_powerpc.deb\n Size/MD5 checksum: 53293062 910fdc0bcc50371aa0e2838a0a89916d\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_powerpc.deb\n Size/MD5 checksum: 11805588 abc0b4e82912b742c5119e9edc4e7489\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_powerpc.deb\n Size/MD5 checksum: 3677676 311d4ff42e46e793e90ddfe6911d194f\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_s390.deb\n Size/MD5 checksum: 197844 b4385940911f567c17ac3cc3ac9fc104\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_s390.deb\n Size/MD5 checksum: 12835874 02f93e3ecb6316b3d3babf2ad9deaddb\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_s390.deb\n Size/MD5 checksum: 53086 bc9e0b2d5c06d15f5cb4e88ec212f40a\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_s390.deb\n Size/MD5 checksum: 62660 b2bf4a97ea54e1a763ccbf6aef9d6c88\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_s390.deb\n Size/MD5 checksum: 3681442 b9a4130ab7d39167b5c4ed88120960e4\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_s390.deb\n Size/MD5 checksum: 52154828 7b31678e0368e0d4f5f7161a5c97a4a4\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_sparc.deb\n Size/MD5 checksum: 3671540 1b82017a4f3a5865aedf3c29606c4cae\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_sparc.deb\n Size/MD5 checksum: 48550 95504b7be39d3be94d5700c93d6cd508\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_sparc.deb\n Size/MD5 checksum: 58548 47ad983571038b9cdf942209ad9e5015\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_sparc.deb\n Size/MD5 checksum: 190634 475b3ce08529ed49e51d429a07d1b31f\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_sparc.deb\n Size/MD5 checksum: 50636272 fe393a565f673bf90d0ac4a0cfdcd19b\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_sparc.deb\n Size/MD5 checksum: 11116646 e52cdfe384360f7055c7b45ad53b7a6b\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2008-02-10T20:39:19", "type": "debian", "title": "[SECURITY] [DSA 1485-1] New icedove packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594"], "modified": "2008-02-10T20:39:19", "id": "DEBIAN:DSA-1485-1:95345", "href": "https://lists.debian.org/debian-security-announce/2008/msg00050.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T18:34:47", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1489-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 10, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : iceweasel\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594\n\nSeveral remote vulnerabilities have been discovered in the Iceweasel\nweb browser, an unbranded version of the Firefox browser. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\n Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\n Nickerson discovered crashes in the layout engine, which might allow\n the execution of arbitrary code.\n\nCVE-2008-0413\n\n Carsten Book, Wesley Garland, Igor Bukanov, "moz_bug_r_a4", "shutdown",\n Philip Taylor and "tgirmann" discovered crashes in the Javascript\n engine, which might allow the execution of arbitrary code.\n\nCVE-2008-0414\n\n "hong" and Gregory Fleisher discovered that file input focus\n vulnerabilities in the file upload control could allow information\n disclosure of local files.\n\nCVE-2008-0415\n\n "moz_bug_r_a4" and Boris Zbarsky discovered discovered several\n vulnerabilities in Javascript handling, which could allow\n privilege escalation.\n\nCVE-2008-0417\n\n Justin Dolske discovered that the password storage machanism could\n be abused by malicious web sites to corrupt existing saved passwords.\n\nCVE-2008-0418\n\n Gerry Eisenhaur and "moz_bug_r_a4" discovered that a directory\n traversal vulnerability in chrome: URI handling could lead to\n information disclosure.\n\nCVE-2008-0419\n\n David Bloom discovered a race condition in the image handling of\n designMode elements, which can lead to information disclosure or\n potentially the execution of arbitrary code.\n\nCVE-2008-0591\n\n Michal Zalewski discovered that timers protecting security-sensitive\n dialogs (which disable dialog elements until a timeout is reached)\n could be bypassed by window focus changes through Javascript.\n\nCVE-2008-0592\n\n It was discovered that malformed content declarations of saved\n attachments could prevent a user in the opening local files\n with a ".txt" file name, resulting in minor denial of service.\n\nCVE-2008-0593\n\n Martin Straka discovered that insecure stylesheet handling during\n redirects could lead to information disclosure.\n\nCVE-2008-0594\n\n Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing\n protections could be bypassed with <div> elements.\n\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.0.0.12-0etch1.\n\nThe Mozilla products from the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your iceweasel packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12.orig.tar.gz\n Size/MD5 checksum: 43522779 34cb9e2038afa635dac9319a0f113be8\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1.dsc\n Size/MD5 checksum: 1289 568c8d5661721888aa75724f4ec76cf9\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1.diff.gz\n Size/MD5 checksum: 186174 96e7907d265cdf00b81785db4e2ab6c4\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/i/iceweasel/firefox_2.0.0.12-0etch1_all.deb\n Size/MD5 checksum: 54290 97f40d39e73fba4b90c79a514ab89f18\n http://security.debian.org/pool/updates/main/i/iceweasel/firefox-gnome-support_2.0.0.12-0etch1_all.deb\n Size/MD5 checksum: 54146 ef3dbcc83837bc5c86ecdb3295716e23\n http://security.debian.org/pool/updates/main/i/iceweasel/mozilla-firefox-dom-inspector_2.0.0.12-0etch1_all.deb\n Size/MD5 checksum: 54026 91815e0777f6249b4ba95bbeb38cee0c\n http://security.debian.org/pool/updates/main/i/iceweasel/firefox-dom-inspector_2.0.0.12-0etch1_all.deb\n Size/MD5 checksum: 54176 1b7640fa33604225b347b8fd368163a0\n http://security.debian.org/pool/updates/main/i/iceweasel/mozilla-firefox_2.0.0.12-0etch1_all.deb\n Size/MD5 checksum: 54816 97db059f2fc4f52bd4d2389f724e8378\n http://security.debian.org/pool/updates/main/i/iceweasel/mozilla-firefox-gnome-support_2.0.0.12-0etch1_all.deb\n Size/MD5 checksum: 54026 969ad8b6ed5b8b0dea8cd5d3414c1485\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dom-inspector_2.0.0.12-0etch1_all.deb\n Size/MD5 checksum: 239356 4309e0a07163450b9d7ce65103b39b80\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.12-0etch1_alpha.deb\n Size/MD5 checksum: 90934 5e1bdb44f0484fd2111a1541276b99dd\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.12-0etch1_alpha.deb\n Size/MD5 checksum: 51062530 72e80dbe1969eae96b4d9ed57aa89122\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1_alpha.deb\n Size/MD5 checksum: 11553820 0cea194c903903bb98b53cc349b89dbf\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.12-0etch1_amd64.deb\n Size/MD5 checksum: 50060784 8639ed04300fac0705c47c27338fdfbb\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.12-0etch1_amd64.deb\n Size/MD5 checksum: 87564 79c23f813fc543121275f4a974833c82\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1_amd64.deb\n Size/MD5 checksum: 10182710 bb8bbff82040dc0c04e98ac477a5a691\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.12-0etch1_hppa.deb\n Size/MD5 checksum: 89302 2867a60e5385e94188bf66f38f992a29\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1_hppa.deb\n Size/MD5 checksum: 11031094 f5926d349e00706a548fdb4f6c02dbac\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.12-0etch1_hppa.deb\n Size/MD5 checksum: 50426978 4228e87f68b21f2627069a320603263d\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1_i386.deb\n Size/MD5 checksum: 9096292 1c535164988178a3d6b889f9d44f31e8\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.12-0etch1_i386.deb\n Size/MD5 checksum: 81706 a7ca2818a1d14730077724e3acaf615f\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.12-0etch1_i386.deb\n Size/MD5 checksum: 49451404 3525c3b01dd1142815513cc0d390493f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1_ia64.deb\n Size/MD5 checksum: 14120046 8d6c6253c001988251523976eee216a1\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.12-0etch1_ia64.deb\n Size/MD5 checksum: 99914 3a4bd7bd5ab87d20bbf5a962411ae4fa\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.12-0etch1_ia64.deb\n Size/MD5 checksum: 50400330 dfa48b54a479b7f305c899bc3f395f92\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.12-0etch1_mips.deb\n Size/MD5 checksum: 53844792 613a7bc03c43510bcb09e09d33bce694\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.12-0etch1_mips.deb\n Size/MD5 checksum: 82810 e673433c89d7a74e95b86ed1a264fa5b\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1_mips.deb\n Size/MD5 checksum: 11038906 5f60ab9a24ad69a5b8c17ef69f31ef83\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.12-0etch1_mipsel.deb\n Size/MD5 checksum: 82872 e9fcd10390f6241f8ddc9c996807afe0\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1_mipsel.deb\n Size/MD5 checksum: 10735706 dcc381a4d6a0d26a0d69afb0696955db\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.12-0etch1_mipsel.deb\n Size/MD5 checksum: 52399756 ffa41f602d079d778355e5a4a7cbde18\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1_powerpc.deb\n Size/MD5 checksum: 9913630 75da2ef9f6915fc6961cc56755f6b8fb\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.12-0etch1_powerpc.deb\n Size/MD5 checksum: 83434 0b65d7b061d42bfb5ae48c9fb2f65e05\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.12-0etch1_powerpc.deb\n Size/MD5 checksum: 51852988 59f76c278e30b86d7e3caaab603d774e\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.12-0etch1_s390.deb\n Size/MD5 checksum: 87788 6cc1b69d90583e765b1f54bdd8ec88a4\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1_s390.deb\n Size/MD5 checksum: 10339140 dd605f3c893a9fd281ee68c940faaea7\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.12-0etch1_s390.deb\n Size/MD5 checksum: 50726238 fdc527fd80bb0383ea8ef02dca684f16\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.12-0etch1_sparc.deb\n Size/MD5 checksum: 81548 f4e489f39594fda6a3a3498aea9bd986\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.12-0etch1_sparc.deb\n Size/MD5 checksum: 9122208 28632988671ede31388d9caa46a5cfe9\n http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.12-0etch1_sparc.deb\n Size/MD5 checksum: 49060394 1008a6ee3a9f8a3b6e46b766e62af10a\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2008-02-10T20:46:22", "type": "debian", "title": "[SECURITY] [DSA 1489-1] New iceweasel packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594"], "modified": "2008-02-10T20:46:22", "id": "DEBIAN:DSA-1489-1:68AB5", "href": "https://lists.debian.org/debian-security-announce/2008/msg00051.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T13:07:12", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1485-2 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 17, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : icedove\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594\n\nA regression has been fixed in icedove's frame handling code. For\nreference you can find the original update below:\n\nSeveral remote vulnerabilities have been discovered in the Icedove mail\nclient, an unbranded version of the Thunderbird client. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\n Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\n Nickerson discovered crashes in the layout engine, which might allow\n the execution of arbitrary code.\n\nCVE-2008-0413\n\n Carsten Book, Wesley Garland, Igor Bukanov, "moz_bug_r_a4", "shutdown",\n Philip Taylor and "tgirmann" discovered crashes in the Javascript\n engine, which might allow the execution of arbitrary code.\n\nCVE-2008-0415\n\n "moz_bug_r_a4" and Boris Zbarsky discovered discovered several\n vulnerabilities in Javascript handling, which could allow\n privilege escalation.\n\nCVE-2008-0418\n\n Gerry Eisenhaur and "moz_bug_r_a4" discovered that a directory\n traversal vulnerability in chrome: URI handling could lead to\n information disclosure.\n\nCVE-2008-0419\n\n David Bloom discovered a race condition in the image handling of\n designMode elements, which can lead to information disclosure or\n potentially the execution of arbitrary code.\n\nCVE-2008-0591\n\n Michal Zalewski discovered that timers protecting security-sensitive\n dialogs (which disable dialog elements until a timeout is reached)\n could be bypassed by window focus changes through Javascript.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.5.0.13+1.5.0.15b.dfsg1-0etch2.\n\nThe Mozilla products in the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your icedove packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2.diff.gz\n Size/MD5 checksum: 641080 8da0c046148daa841941f8fdf7d3a468\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1.orig.tar.gz\n Size/MD5 checksum: 35174191 b1a02873d5e320b1a208dbffc256baee\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2.dsc\n Size/MD5 checksum: 1934 ad83c84fbfa37e05030f04ab2beea2f0\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_all.deb\n Size/MD5 checksum: 29162 6aba3762846d6cc855b59449938897a1\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_all.deb\n Size/MD5 checksum: 29154 02b82cfbeda2ea8ada9a0646fc5c0691\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_all.deb\n Size/MD5 checksum: 29142 cd038ed9a2e5a6b40da1f18a5a2debc0\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_all.deb\n Size/MD5 checksum: 29162 283d27da1071b1039ab81c9aa2dcd11d\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch2_all.deb\n Size/MD5 checksum: 29138 93dd70cced9714a43b34624bc2695571\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_all.deb\n Size/MD5 checksum: 29150 397ae77f472a060749d09ffbcd6299f6\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_all.deb\n Size/MD5 checksum: 29162 1fa418c580e8c82435f91ecd4bf41090\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_all.deb\n Size/MD5 checksum: 29136 b2ffd7bea2f595a1f6fdc96af8e0be87\n http://security.debian.org/pool/updates/main/i/icedove/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_all.deb\n Size/MD5 checksum: 29148 a3a86d0d519201557f17e58d54db82fc\n http://security.debian.org/pool/updates/main/i/icedove/thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch2_all.deb\n Size/MD5 checksum: 29120 f318f2f878e868a74b1ead42db02fbff\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_alpha.deb\n Size/MD5 checksum: 3959884 710d3d698bf1179e55104abed949a6be\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_alpha.deb\n Size/MD5 checksum: 64920 a3e95ad0027ccfc73fc8fb63e52e7484\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_alpha.deb\n Size/MD5 checksum: 52788 a74420d45ab8a7ad2c435b2b54625570\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2_alpha.deb\n Size/MD5 checksum: 13477550 8249b008b7de20fca03a4cead73e025d\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_alpha.deb\n Size/MD5 checksum: 201140 76410d580565d0e3877f34b88d68f977\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_alpha.deb\n Size/MD5 checksum: 52398862 626fc104e22aa5e728495fc143c9b604\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_amd64.deb\n Size/MD5 checksum: 51479922 fe1cc4dcd664e5c70d8c3394df0d61b0\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2_amd64.deb\n Size/MD5 checksum: 12176406 b64a56a7f9e06df18f61f00918b62946\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_amd64.deb\n Size/MD5 checksum: 196168 e1b6a9ce58c58b8f14bc03cd41337e12\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_amd64.deb\n Size/MD5 checksum: 3678408 ef8c2f54f89929428b6f3df2b7c17089\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_amd64.deb\n Size/MD5 checksum: 52564 2a6ab2241730acdf6c3005259ef84098\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_amd64.deb\n Size/MD5 checksum: 61606 b748a3852ed2568670430065a6bcf5e2\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_arm.deb\n Size/MD5 checksum: 190242 f01dc34e5354e61cb9b284513983e027\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_arm.deb\n Size/MD5 checksum: 47528 a8e89efce73f53de6675ea0bc29493dd\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2_arm.deb\n Size/MD5 checksum: 10890322 f1c712ab506e05dbfcf6ed15e40ab267\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_arm.deb\n Size/MD5 checksum: 3921368 835fe66a9f284867ae50813ee52ea5b7\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_arm.deb\n Size/MD5 checksum: 59264 d116e875887ef623ea57b88b28b6ddf0\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_arm.deb\n Size/MD5 checksum: 50840090 24a227e1250d063269c58c271ebca291\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_i386.deb\n Size/MD5 checksum: 50740666 9b69293b1cbe427ed43818c1d2e18cc2\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_i386.deb\n Size/MD5 checksum: 48564 34c53bb12a93738db67d7769b67f2044\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_i386.deb\n Size/MD5 checksum: 191210 13114249b05826f62ba589e2eeac2d2a\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_i386.deb\n Size/MD5 checksum: 58590 6e1bec505bc3795924c9c6f4c63570e9\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2_i386.deb\n Size/MD5 checksum: 10908406 aa36c6587227a61eb2cf9b5440671351\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_i386.deb\n Size/MD5 checksum: 3675024 95eed699227d9fbd5780c3d135a7d7d6\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_ia64.deb\n Size/MD5 checksum: 74640 c91145f299a8a2a1eb7046ea2aca52c6\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_ia64.deb\n Size/MD5 checksum: 3727470 a792a88b248cb0a337ce5ca83b588422\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_ia64.deb\n Size/MD5 checksum: 205256 6bcb0b58261a71e6e092d3b0058d4e7a\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_ia64.deb\n Size/MD5 checksum: 59970 1c67ec1fc7b615abd19c1389582baf1f\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2_ia64.deb\n Size/MD5 checksum: 16555888 c50b8f8a39cc52c9c6ccd43bfd16e014\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_ia64.deb\n Size/MD5 checksum: 51781970 bb9ee0dcf256a786651f84adf2358a0a\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mips.deb\n Size/MD5 checksum: 3947082 60d9ea6886588e9b41139780a903d69c\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mips.deb\n Size/MD5 checksum: 48240 e5734152adc186470325e182d4b34f70\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mips.deb\n Size/MD5 checksum: 11605920 2e0319113e5009c052cacc7d0307e813\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mips.deb\n Size/MD5 checksum: 53114874 f2f4750010657a7adcf2911c57608309\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mips.deb\n Size/MD5 checksum: 58754 6792b308b73e2150584ef6890a208552\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mips.deb\n Size/MD5 checksum: 192942 88e0819fe73b595444f3dbd3a59232db\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mipsel.deb\n Size/MD5 checksum: 3682858 c932cc8a6829ca16e1f395b8e55fbebe\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mipsel.deb\n Size/MD5 checksum: 51683616 b2813b38b94d3715df3fb42bf7c1dad9\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mipsel.deb\n Size/MD5 checksum: 59210 5077fb067f758e5b9c5dfcf930cbfae2\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mipsel.deb\n Size/MD5 checksum: 49522 e9ed5680a1d5ebc8afbb30d722ee6468\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mipsel.deb\n Size/MD5 checksum: 11360126 2078cd56ce9db6fb6245b1a9ee276482\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_mipsel.deb\n Size/MD5 checksum: 192540 fdac9d9b390940dead89c96b3a730432\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_powerpc.deb\n Size/MD5 checksum: 3677952 a858d6b19632c1a9ae9914bc9a5adc5b\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_powerpc.deb\n Size/MD5 checksum: 53293566 63c20de9258639ff550589c12af40f8b\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_powerpc.deb\n Size/MD5 checksum: 60974 9f9e242dfbfbe84cde06b7b661fe0728\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2_powerpc.deb\n Size/MD5 checksum: 11805570 d15eac8917db32cb04a8eac9d73a9c17\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_powerpc.deb\n Size/MD5 checksum: 193224 38fd2de7e4b8df743acb2217e54f8b04\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_powerpc.deb\n Size/MD5 checksum: 50124 61db63cfe9242e8379579bc3fcc32e88\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_s390.deb\n Size/MD5 checksum: 62754 19a0e3377467c5a1e5fd53a5cd5070d4\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_s390.deb\n Size/MD5 checksum: 3681554 395ed68c790698f0fcb30081ad1f9ea0\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_s390.deb\n Size/MD5 checksum: 53184 9076795f592696f61c34c53ce29e1ebc\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2_s390.deb\n Size/MD5 checksum: 12835828 4d1137bbec37f67601f2a7eae99857b9\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_s390.deb\n Size/MD5 checksum: 52154562 fc8a7b1ff7d7f9cae755629cd19dab80\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_s390.deb\n Size/MD5 checksum: 197916 f7832e2b34d9142799b992794753aac4\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch2_sparc.deb\n Size/MD5 checksum: 50636782 35d513348d5dda2d7f4c682a7f3f639f\n http://security.debian.org/pool/updates/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch2_sparc.deb\n Size/MD5 checksum: 190740 0b9a1afa87b0bb0e0bc3fa48d9e3e0bb\n http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch2_sparc.deb\n Size/MD5 checksum: 3671694 d890eeed08ecb1f0eeeff46f09bdeea3\n http://security.debian.org/pool/updates/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch2_sparc.deb\n Size/MD5 checksum: 11116804 ddb8b828546498479a3fddd718a0633c\n http://security.debian.org/pool/updates/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch2_sparc.deb\n Size/MD5 checksum: 58654 35ee94e3ae7339f642ffce1fa42a7c29\n http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch2_sparc.deb\n Size/MD5 checksum: 48644 147aa5f5592ba08bc7f2ec42453a6104\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2008-03-17T20:39:07", "type": "debian", "title": "[SECURITY] [DSA 1485-2] New icedove packages fix regression", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0416", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594"], "modified": "2008-03-17T20:39:07", "id": "DEBIAN:DSA-1485-2:D3677", "href": "https://lists.debian.org/debian-security-announce/2008/msg00088.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T13:07:50", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1506-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 24, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : iceape\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415\n CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591\n CVE-2008-0592 CVE-2008-0593 CVE-2008-0594\n\nSeveral remote vulnerabilities have been discovered in the Iceape internet\nsuite, an unbranded version of the Seamonkey Internet Suite. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\n Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\n Nickerson discovered crashes in the layout engine, which might allow\n the execution of arbitrary code.\n\nCVE-2008-0413\n\n Carsten Book, Wesley Garland, Igor Bukanov, "moz_bug_r_a4", "shutdown",\n Philip Taylor and "tgirmann" discovered crashes in the Javascript\n engine, which might allow the execution of arbitrary code.\n\nCVE-2008-0414\n\n "hong" and Gregory Fleisher discovered that file input focus\n vulnerabilities in the file upload control could allow information\n disclosure of local files.\n\nCVE-2008-0415\n\n "moz_bug_r_a4" and Boris Zbarsky discovered discovered several\n vulnerabilities in Javascript handling, which could allow\n privilege escalation.\n\nCVE-2008-0417\n\n Justin Dolske discovered that the password storage machanism could\n be abused by malicious web sites to corrupt existing saved passwords.\n\nCVE-2008-0418\n\n Gerry Eisenhaur and "moz_bug_r_a4" discovered that a directory\n traversal vulnerability in chrome: URI handling could lead to\n information disclosure.\n\nCVE-2008-0419\n\n David Bloom discovered a race condition in the image handling of\n designMode elements, which can lead to information disclosure or\n potentially the execution of arbitrary code.\n\nCVE-2008-0591\n\n Michal Zalewski discovered that timers protecting security-sensitive\n dialogs (which disable dialog elements until a timeout is reached)\n could be bypassed by window focus changes through Javascript.\n\nCVE-2008-0592\n\n It was discovered that malformed content declarations of saved\n attachments could prevent a user in the opening local files\n with a ".txt" file name, resulting in minor denial of service.\n\nCVE-2008-0593\n\n Martin Straka discovered that insecure stylesheet handling during\n redirects could lead to information disclosure.\n\nCVE-2008-0594\n\n Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing\n protections could be bypassed with <div> elements.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.0.12~pre080131b-0etch1.\n\nThe Mozilla releases from the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your iceape packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.12~pre080131b.orig.tar.gz\n Size/MD5 checksum: 43535826 39071cd311888d73254336b782109776\n http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.12~pre080131b-0etch1.dsc\n Size/MD5 checksum: 1439 eaee68845cb7d4660609f6c47ac01666\n http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.12~pre080131b-0etch1.diff.gz\n Size/MD5 checksum: 269895 fb6e3c3d3bc4a94773c1b4921fdb42d6\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/i/iceape/mozilla_1.8+1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 27208 91bbb99fad75c41e2df1170749014288\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-calendar_1.8+1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 27210 0233d457074aa58542b8662c2a54c48a\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-js-debugger_1.8+1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 27244 51f7e38462c1f39e0c662e4b58eca43a\n http://security.debian.org/pool/updates/main/i/iceape/iceape-chatzilla_1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 281870 1e8faf69c0bbf186f1a6c1d199646ce6\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dev_1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 3927248 df30ff32e825d5ceb1630025a7d0ef88\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-dom-inspector_1.8+1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 27248 2b1e9711c1e80b9651b88e3dc19d4b76\n http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 28614 20c852fc8104981654bd6227a0602375\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-chatzilla_1.8+1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 27232 97c0a7e4b71cc083c711086dd160322a\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-dev_1.8+1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 27348 ad7233b5d98e1557cdc190d9cf6746df\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-mailnews_1.8+1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 27236 8ae02d5d250866771250e19e5bb967bb\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-psm_1.8+1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 27220 6035bbc507f4fc30a0564aa18c5a3a98\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-browser_1.8+1.0.12~pre080131b-0etch1_all.deb\n Size/MD5 checksum: 28186 4997ba36f2c9aacf25eb9c41bf104d6f\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 197832 c2be45e20e6834b19969e125925622a1\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 60612536 5fbbf1f26498f361c0aadc0535bdee92\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 53952 ef80eea66f161134bc52d0cdbf985f51\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 626136 542e77b2a6ad52a40d29ecafa76c15a7\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 2282858 e915238d369b469d5911e10d92be0e99\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_alpha.deb\n Size/MD5 checksum: 12884578 9b5912dc643b38e5d3120d34d8685f16\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 59608524 146775d1bd21250e027006f9dbf90d6f\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 613832 6cb81b62325770fd1e2590908d0afda7\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 195048 2ccb3800e4edcd8510d707a9ac4a5d7e\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 11687282 2fc3db14be5dd03b082497ab6f9ffc36\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 53366 8789d8dd06e30ce580ab37e94ec1d44b\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_amd64.deb\n Size/MD5 checksum: 2099654 99aef23fe234563ce99f3d8ce89b02d2\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 1916734 bdda1babe619d6f11429f1fb813fc347\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 10421094 4cf350729bfeff5f0a6edba041e72be7\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 58769074 99504f3ad7121ed31583e3c77c3086e2\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 586096 4c1e372a14bcbe1ec4b3046be24ced89\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 186930 33820091037a0e30e4271e8c8c462ff9\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_arm.deb\n Size/MD5 checksum: 47526 5244fa8a247df56a3f14c364107dc5b8\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_hppa.deb\n Size/MD5 checksum: 60480238 50ee40317fd63bd0c7d04022e21f8f76\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_hppa.deb\n Size/MD5 checksum: 2340460 70af4c1cfbd089e6a2ad548d1553093b\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_hppa.deb\n Size/MD5 checksum: 12958476 f2acc587b4c985c6ea939ed1bba53de9\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_hppa.deb\n Size/MD5 checksum: 615240 7e3158df6d488c6b0bfe7827cfce37ed\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_hppa.deb\n Size/MD5 checksum: 54444 c7ddb1f77645cd60689dbb7a5c4b2768\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_hppa.deb\n Size/MD5 checksum: 198108 967170dcf4a4a1d6687d2d0b55edaec8\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 1891212 ba923a32b2a34a9299cb4d5a8bad2d77\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 10469782 994f4b0fd8e4bd9af76fe013c7123bdc\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 588886 5856c66a12bf5a984668743b8b366cee\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 189766 ee9064d51a33a035b7a46de44d80249d\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 58697388 299a8786d15d0abb99d7fc6fe4b87b7f\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_i386.deb\n Size/MD5 checksum: 48438 de1f808e760ee3ca502efb8276875fbf\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 661876 a673cbf8efb0be476d2cd23dc514704a\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 61898 cccd1556f5ee674a2c2f6ddf71522b39\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 59883340 f6ee758cb0b235682f20e2e22edd870a\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 2817080 c0adbe387222eedf4d5cf7eff91a4657\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 204694 8aa8c681d136482bd2cda6563eacbfb9\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_ia64.deb\n Size/MD5 checksum: 15783590 960303c76c2be69aad2e4b7bfe4f542e\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 61481346 66bc2a72517409d5334bc0ba40be51fd\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 599404 ff50ca675b598da75eb7f3ab08d34ee6\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 11154048 bd1cb7c5bc7136fd644eb9c87e7181b7\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 1959202 7eb50924f7400d84008edffd0e9d6413\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 49884 80c1be2a4afb6ce7bf9fc785901704dd\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_mips.deb\n Size/MD5 checksum: 190950 006169fb68cb210f51fe52090be5050e\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 49768 42593decc9887241317c87567f8223b1\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 191194 78f3b008208527bf214ed516e85b13f3\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 59840612 0118b96a4f8d82286b8d5ccc946b6c0d\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 10905670 9874cc963f87d284d927d467eafc8c2f\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 595920 3024870501878bf13254165af3ac9686\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_mipsel.deb\n Size/MD5 checksum: 1942002 130b8ab791ae8591e22d9635362bf202\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 49232 e526eb3de3861503a826593f582f2932\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 596206 da0aa1d500d126ef390da42e3b3bc973\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 192018 6278d2517e0d32b3e5c42aa2f0010aef\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 61613310 b6b25ed7a498f98c3908efb7bd185e0a\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 2006468 3253d618628235a609417783309079aa\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_powerpc.deb\n Size/MD5 checksum: 11304736 186491b14177328e4cdcc2c0599bee48\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 53962 937cb4b85e25812c189fde886a9ae8b8\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 196854 e838b4c9820b202ba25da00adca529e8\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 12282708 04c09a3bbbe96035301ffa3fa427d2e2\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 60369160 80e463d3e1abe4c6f2e44084c0af1cc6\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 611658 d51e50f35fa7f644e68719bd3c3e1cde\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_s390.deb\n Size/MD5 checksum: 2185818 4b702edba4ac2c7e85a22f499250fd40\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 1895872 2eb1f20b00c11d4f4330016aaa827d55\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 10652974 8ea3ab5df7323a302c0b9441222fb407\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 58513948 a455a4a30f354129f5ab3441fcb422af\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 585296 a57295461949681a7628c2c0aa603ccb\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 48038 5cba2cf78058d6dd4609cb895961298d\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch1_sparc.deb\n Size/MD5 checksum: 189644 bdc3c7725fed05757a888de08a4fa959\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2008-02-24T12:30:41", "type": "debian", "title": "[SECURITY] [DSA 1506-1] New iceape packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594"], "modified": "2008-02-24T12:30:41", "id": "DEBIAN:DSA-1506-1:BBA3D", "href": "https://lists.debian.org/debian-security-announce/2008/msg00070.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-07T13:07:09", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1506-2 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 20, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : iceape\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415\n CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591\n CVE-2008-0592 CVE-2008-0593 CVE-2008-0594\n\nA regression has been fixed in iceape's frame handling code. For\nreference you can find the original update below:\n\nSeveral remote vulnerabilities have been discovered in the Iceape internet\nsuite, an unbranded version of the Seamonkey Internet Suite. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\n Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\n Nickerson discovered crashes in the layout engine, which might allow\n the execution of arbitrary code.\n\nCVE-2008-0413\n\n Carsten Book, Wesley Garland, Igor Bukanov, "moz_bug_r_a4", "shutdown",\n Philip Taylor and "tgirmann" discovered crashes in the Javascript\n engine, which might allow the execution of arbitrary code.\n\nCVE-2008-0414\n\n "hong" and Gregory Fleisher discovered that file input focus\n vulnerabilities in the file upload control could allow information\n disclosure of local files.\n\nCVE-2008-0415\n\n "moz_bug_r_a4" and Boris Zbarsky discovered discovered several\n vulnerabilities in Javascript handling, which could allow\n privilege escalation.\n\nCVE-2008-0417\n\n Justin Dolske discovered that the password storage machanism could\n be abused by malicious web sites to corrupt existing saved passwords.\n\nCVE-2008-0418\n\n Gerry Eisenhaur and "moz_bug_r_a4" discovered that a directory\n traversal vulnerability in chrome: URI handling could lead to\n information disclosure.\n\nCVE-2008-0419\n\n David Bloom discovered a race condition in the image handling of\n designMode elements, which can lead to information disclosure or\n potentially the execution of arbitrary code.\n\nCVE-2008-0591\n\n Michal Zalewski discovered that timers protecting security-sensitive\n dialogs (which disable dialog elements until a timeout is reached)\n could be bypassed by window focus changes through Javascript.\n\nCVE-2008-0592\n\n It was discovered that malformed content declarations of saved\n attachments could prevent a user in the opening local files\n with a ".txt" file name, resulting in minor denial of service.\n\nCVE-2008-0593\n\n Martin Straka discovered that insecure stylesheet handling during\n redirects could lead to information disclosure.\n\nCVE-2008-0594\n\n Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing\n protections could be bypassed with <div> elements.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.0.12~pre080131b-0etch2.\n\nThe Mozilla releases from the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your iceape packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.12~pre080131b-0etch2.diff.gz\n Size/MD5 checksum: 270995 2a621606e7f50a736f0d071ade4fd52f\n http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.12~pre080131b.orig.tar.gz\n Size/MD5 checksum: 43535826 39071cd311888d73254336b782109776\n http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.12~pre080131b-0etch2.dsc\n Size/MD5 checksum: 1439 9763d1c74ce4301f14acbefbd9f5f49b\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dev_1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 3927430 ecd67a579a7de22c58812f101a3f8798\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-psm_1.8+1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 27352 cebcf83eac35b663e96d742a8ce0e22d\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-js-debugger_1.8+1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 27380 f7e68700518fe223b0a7847250065c8a\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-dom-inspector_1.8+1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 27392 852ff0430f7dda87f29ebf6115142c00\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-browser_1.8+1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 28318 c365320890c3a5ed1d9b8229092b3261\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-dev_1.8+1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 27482 48d6bd50aabed44772e41da31e2659e7\n http://security.debian.org/pool/updates/main/i/iceape/mozilla_1.8+1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 27344 27da10e92c699333d85a40f9b8b82677\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-mailnews_1.8+1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 27370 d4385a93519282c9c23df59a2d96961f\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-calendar_1.8+1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 27350 4ad38b881319986efeb536575e113294\n http://security.debian.org/pool/updates/main/i/iceape/iceape-chatzilla_1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 282046 df765c828f73a254837fe2ac4a26990c\n http://security.debian.org/pool/updates/main/i/iceape/mozilla-chatzilla_1.8+1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 27364 6e76df8b5fc4f1a26da126f67b991c32\n http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.12~pre080131b-0etch2_all.deb\n Size/MD5 checksum: 28756 f008166db261ee31e99c280268c0c97f\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_alpha.deb\n Size/MD5 checksum: 626242 119f2bb9ea10019aaf93a6da91af9f6f\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_alpha.deb\n Size/MD5 checksum: 60612096 57fec5b1481c06363aab65970f501e39\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_alpha.deb\n Size/MD5 checksum: 2282966 722ade6b1062b8f1282a7bad0be58f5c\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_alpha.deb\n Size/MD5 checksum: 54116 25799cb038e973b0adef00131aa1dd6d\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_alpha.deb\n Size/MD5 checksum: 12885116 fd8028f357f5c12623854ca10df81f43\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_alpha.deb\n Size/MD5 checksum: 197954 5fd16ec58f64705c38b4cf8a908d11e5\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_amd64.deb\n Size/MD5 checksum: 195202 08c6a3b849b7181400bf3638079f3442\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_amd64.deb\n Size/MD5 checksum: 59609120 56bffd191157a8f8e4b0bbd3d143d571\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_amd64.deb\n Size/MD5 checksum: 11687018 8a1f2af506bfeaad0b10fe66dd7dfd33\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_amd64.deb\n Size/MD5 checksum: 613980 5f0bf1273ca35408b524463a20235592\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_amd64.deb\n Size/MD5 checksum: 2099746 544fda8f60b6914b81be215008b87da7\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_amd64.deb\n Size/MD5 checksum: 53516 5f9e6648023ee92e9a4de1c4b75be2e2\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_arm.deb\n Size/MD5 checksum: 186994 2e6fe57a3b3651304afd19e7824d3f5c\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_arm.deb\n Size/MD5 checksum: 10421172 40ff90ee1fbaa2fc4d1fbab6072485b4\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_arm.deb\n Size/MD5 checksum: 58769568 b5f93f47e50fcd0fcdef16ceae742d13\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_arm.deb\n Size/MD5 checksum: 1916830 39c250546337814cafb6b99376688fca\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_arm.deb\n Size/MD5 checksum: 586310 b67e34b1919b7effb4c307ccbeab942e\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_arm.deb\n Size/MD5 checksum: 47628 ebed30f79a3601c7daef49660661ad82\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_hppa.deb\n Size/MD5 checksum: 54578 1f3439b60f505b153b13c297747419eb\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_hppa.deb\n Size/MD5 checksum: 2340648 3ab9d1562c560c7b9df184a38f9a6a11\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_hppa.deb\n Size/MD5 checksum: 615328 f023c06e4cff0f8d76b41d0096469d3a\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_hppa.deb\n Size/MD5 checksum: 198252 a3a83f5be255320f2020d80df098dca9\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_hppa.deb\n Size/MD5 checksum: 12958594 f88a9c7c2f21c7d8ab6c01419f0cea7f\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_hppa.deb\n Size/MD5 checksum: 60479784 4c74b76cbf9032ffccb5294a93c17641\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_i386.deb\n Size/MD5 checksum: 48572 cb473d812b961898fef36d16bab876ff\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_i386.deb\n Size/MD5 checksum: 589088 5d671f8a6419358536a20b8d88c38ddf\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_i386.deb\n Size/MD5 checksum: 10470634 83a3b24130b0300c6c05ebc9dbb3844c\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_i386.deb\n Size/MD5 checksum: 189910 6f6659128de512017cf29ca9c30a166a\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_i386.deb\n Size/MD5 checksum: 58697514 16d427016239a37293ed07e6ac26cc50\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_i386.deb\n Size/MD5 checksum: 1891518 875b689733c2d8fe806ba836e29eb324\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_ia64.deb\n Size/MD5 checksum: 2817188 76070b2545ca8cab7d49bfa31375c587\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_ia64.deb\n Size/MD5 checksum: 15784184 cfba69a4ce574d82ecf5f3242d1f58dc\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_ia64.deb\n Size/MD5 checksum: 661962 446e3cb79b36ca09e887a9e0ceb3a855\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_ia64.deb\n Size/MD5 checksum: 62036 f619b963fbf6647837e31f7b1b4adbc4\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_ia64.deb\n Size/MD5 checksum: 204852 8ce30a3bcdd7c8344771ea5c9e333a1b\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_ia64.deb\n Size/MD5 checksum: 59883636 95627f56e1033f33150f1f9d376003ef\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_mips.deb\n Size/MD5 checksum: 191112 5906efb6ca3dbe054e906f7b22f08437\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_mips.deb\n Size/MD5 checksum: 61481162 3fd870051ce1abb7d9f4f21795ed26f3\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_mips.deb\n Size/MD5 checksum: 11153962 ff7b7663327bee5dc0047e1e19e86144\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_mips.deb\n Size/MD5 checksum: 1959382 907240b378aa04bc7303b86920dc0ad0\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_mips.deb\n Size/MD5 checksum: 599576 fd0e3eaf3a9c2f0a8bccf9f0d86c9ec8\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_mips.deb\n Size/MD5 checksum: 50040 3aca9ae6ee5a6ae8f1aa84c5db300c88\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_mipsel.deb\n Size/MD5 checksum: 191354 7eaf6aacbafbd0a4fdf44e7236c0938a\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_mipsel.deb\n Size/MD5 checksum: 49888 b292f596100550bebfa995d5257d9b94\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_mipsel.deb\n Size/MD5 checksum: 59840188 850f4ce08b0844e113e9484d45599f4b\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_mipsel.deb\n Size/MD5 checksum: 1942296 f0debfbf60133383ac7cd6283651981a\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_mipsel.deb\n Size/MD5 checksum: 596036 6a83b253c357e53c2328d21465b0d86c\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_mipsel.deb\n Size/MD5 checksum: 10906082 2283d8b033adae277eb068df1bb04934\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_powerpc.deb\n Size/MD5 checksum: 2006544 e50dbd0672c095d1e17441eff098da90\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_powerpc.deb\n Size/MD5 checksum: 61612928 d68c54f558206a0494b7e9120ddd66fb\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_powerpc.deb\n Size/MD5 checksum: 49364 6589fb88dcdc36db56fcc558682353ce\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_powerpc.deb\n Size/MD5 checksum: 11304980 7fb0499168a1507a9a137fc45ae57ba1\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_powerpc.deb\n Size/MD5 checksum: 596288 143f9b6509e38ae9c7a70d3450b6c962\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_powerpc.deb\n Size/MD5 checksum: 192164 3f981a2dc64f14c66ee30e4178df2da1\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_s390.deb\n Size/MD5 checksum: 60369514 fa3b32d386daf6fb0ce1f7d0b20840c7\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_s390.deb\n Size/MD5 checksum: 2185920 820309b77fcf5ac32c157e3708e6b5e2\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_s390.deb\n Size/MD5 checksum: 611780 d7e128a4914cf2a65a84e742b106ff24\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_s390.deb\n Size/MD5 checksum: 54086 b3a90c69d912cea90c1478e3448f4616\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_s390.deb\n Size/MD5 checksum: 197022 4613b8a9f393a8d6e950c6b2a0ecd1e6\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_s390.deb\n Size/MD5 checksum: 12282472 96018b365bde6cb21ce2b822e8d68c9a\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.12~pre080131b-0etch2_sparc.deb\n Size/MD5 checksum: 585406 1205a79d265d0851ab47c422cf6fd9e6\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.12~pre080131b-0etch2_sparc.deb\n Size/MD5 checksum: 58513920 c86edaca6caf4c2313d602e0f5bacbc9\n http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.12~pre080131b-0etch2_sparc.deb\n Size/MD5 checksum: 189800 2eee769a043e3e8ab62ea64558982ee5\n http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.12~pre080131b-0etch2_sparc.deb\n Size/MD5 checksum: 10653162 7672a64a0aded3237d111ddefcc16030\n http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.12~pre080131b-0etch2_sparc.deb\n Size/MD5 checksum: 48158 1c3dbec97e1a32319e37a6fdcd1272ab\n http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.12~pre080131b-0etch2_sparc.deb\n Size/MD5 checksum: 1896086 775e67f07235627084efa3f7a1850327\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2008-03-20T01:41:06", "type": "debian", "title": "[SECURITY] [DSA 1506-2] New iceape packages fix regression", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0417", "CVE-2008-0418", "CVE-2008-0419", "CVE-2008-0591", "CVE-2008-0592", "CVE-2008-0593", "CVE-2008-0594"], "modified": "2008-03-20T01:41:06", "id": "DEBIAN:DSA-1506-2:54D82", "href": "https://lists.debian.org/debian-security-announce/2008/msg00092.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-24T12:50:20", "description": "The remote host is missing an update to xulrunner\nannounced via advisory DSA 1484-1.", "cvss3": {}, "published": "2008-02-15T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1484-1 (xulrunner)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60363", "href": "http://plugins.openvas.org/nasl.php?oid=60363", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1484_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1484-1 (xulrunner)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in Xulrunner, a\nruntime environment for XUL applications. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2008-0412\n\nJesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\nNickerson discovered crashes in the layout engine, which might allow\nthe execution of arbitrary code.\n\nCVE-2008-0413\n\nCarsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown,\nPhilip Taylor and tgirmann discovered crashes in the Javascript\nengine, which might allow the execution of arbitrary code.\n\nCVE-2008-0414\n\nhong and Gregory Fleisher discovered that file input focus\nvulnerabilities in the file upload control could allow information\ndisclosure of local files.\n\nCVE-2008-0415\n\nmoz_bug_r_a4 and Boris Zbarsky discovered discovered several\nvulnerabilities in Javascript handling, which could allow\nprivilege escalation.\n\nCVE-2008-0417\n\nJustin Dolske discovered that the password storage machanism could\nbe abused by malicious web sites to corrupt existing saved passwords.\n\nCVE-2008-0418\n\nGerry Eisenhaur and moz_bug_r_a4 discovered that a directory\ntraversal vulnerability in chrome: URI handling could lead to\ninformation disclosure.\n\nCVE-2008-0419\n\nDavid Bloom discovered a race condition in the image handling of\ndesignMode elements, which could lead to information disclosure or\npotentially the execution of arbitrary code.\n\nCVE-2008-0591\n\nMichal Zalewski discovered that timers protecting security-sensitive\ndialogs (which disable dialog elements until a timeout is reached)\ncould be bypassed by window focus changes through Javascript.\n\nCVE-2008-0592\n\nIt was discovered that malformed content declarations of saved\nattachments could prevent a user in the opening local files\nwith a .txt file name, resulting in minor denial of service.\n\nCVE-2008-0593\n\nMartin Straka discovered that insecure stylesheet handling during\nredirects could lead to information disclosure.\n\nCVE-2008-0594\n\nEmil Ljungdahl and Lars-Olof Moilanen discovered that phishing\nprotections could be bypassed with <div> elements.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.8.0.15~pre080131b-0etch1.\n\nThe old stable distribution (sarge) doesn't contain xulrunner.\n\nWe recommend that you upgrade your xulrunner packages.\";\ntag_summary = \"The remote host is missing an update to xulrunner\nannounced via advisory DSA 1484-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201484-1\";\n\n\nif(description)\n{\n script_id(60363);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-15 23:29:21 +0100 (Fri, 15 Feb 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1484-1 (xulrunner)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxul-dev\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxul-common\", ver:\"1.8.0.15~pre080131a-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs-dev\", ver:\"1.8.0.15~pre080131a-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-dev\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-dev\", ver:\"1.8.0.15~pre080131a-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmjs1\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsmjs-dev\", ver:\"1.8.0.15~pre080131a-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozillainterfaces-java\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-0d-dbg\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-0d\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-0d-dbg\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs0d-dbg\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmozjs0d\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxul0d\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-xpcom\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxul0d-dbg\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"spidermonkey-bin\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnss3-tools\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xulrunner-gnome-support\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libnspr4-0d\", ver:\"1.8.0.15~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:22", "description": "The remote host is missing an update to iceweasel\nannounced via advisory DSA 1489-1.", "cvss3": {}, "published": "2008-02-15T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1489-1 (iceweasel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60364", "href": "http://plugins.openvas.org/nasl.php?oid=60364", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1489_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1489-1 (iceweasel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Iceweasel\nweb browser, an unbranded version of the Firefox browser. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\nJesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\nNickerson discovered crashes in the layout engine, which might allow\nthe execution of arbitrary code.\n\nCVE-2008-0413\n\nCarsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown,\nPhilip Taylor and tgirmann discovered crashes in the Javascript\nengine, which might allow the execution of arbitrary code.\n\nCVE-2008-0414\n\nhong and Gregory Fleisher discovered that file input focus\nvulnerabilities in the file upload control could allow information\ndisclosure of local files.\n\nCVE-2008-0415\n\nmoz_bug_r_a4 and Boris Zbarsky discovered discovered several\nvulnerabilities in Javascript handling, which could allow\nprivilege escalation.\n\nCVE-2008-0417\n\nJustin Dolske discovered that the password storage machanism could\nbe abused by malicious web sites to corrupt existing saved passwords.\n\nCVE-2008-0418\n\nGerry Eisenhaur and moz_bug_r_a4 discovered that a directory\ntraversal vulnerability in chrome: URI handling could lead to\ninformation disclosure.\n\nCVE-2008-0419\n\nDavid Bloom discovered a race condition in the image handling of\ndesignMode elements, which can lead to information disclosure or\npotentially the execution of arbitrary code.\n\nCVE-2008-0591\n\nMichal Zalewski discovered that timers protecting security-sensitive\ndialogs (which disable dialog elements until a timeout is reached)\ncould be bypassed by window focus changes through Javascript.\n\nCVE-2008-0592\n\nIt was discovered that malformed content declarations of saved\nattachments could prevent a user in the opening local files\nwith a .txt file name, resulting in minor denial of service.\n\nCVE-2008-0593\n\nMartin Straka discovered that insecure stylesheet handling during\nredirects could lead to information disclosure.\n\nCVE-2008-0594\n\nEmil Ljungdahl and Lars-Olof Moilanen discovered that phishing\nprotections could be bypassed with <div> elements.\n\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.0.0.12-0etch1.\n\nThe Mozilla products from the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your iceweasel packages.\";\ntag_summary = \"The remote host is missing an update to iceweasel\nannounced via advisory DSA 1489-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201489-1\";\n\n\nif(description)\n{\n script_id(60364);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-15 23:29:21 +0100 (Fri, 15 Feb 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1489-1 (iceweasel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"firefox\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox-dom-inspector\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-firefox-gnome-support\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dom-inspector\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-gnome-support\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel-dbg\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceweasel\", ver:\"2.0.0.12-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:01", "description": "Check for the Version of galeon", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for galeon FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860664", "href": "http://plugins.openvas.org/nasl.php?oid=860664", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for galeon FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"galeon on Fedora 8\";\ntag_insight = \"Galeon is a web browser built around Gecko (Mozilla's rendering\n engine) and Necko (Mozilla's networking engine). It's a GNOME web\n browser, designed to take advantage of as many GNOME technologies as\n makes sense. Galeon was written to do just one thing - browse the web.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00383.html\");\n script_id(860664);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for galeon FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of galeon\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.4~1.fc8.2\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:10", "description": "Check for the Version of gtkmozembedmm", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for gtkmozembedmm FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860127", "href": "http://plugins.openvas.org/nasl.php?oid=860127", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gtkmozembedmm FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gtkmozembedmm on Fedora 8\";\ntag_insight = \"This package provides a C++/gtkmm wrapper for GtkMozEmbed\n from Mozilla 1.4.x to 1.7.x.\n The wrapper provides a convenient interface for C++ programmers\n to use the Gtkmozembed HTML-rendering widget inside their software.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.html\");\n script_id(860127);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for gtkmozembedmm FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of gtkmozembedmm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"gtkmozembedmm\", rpm:\"gtkmozembedmm~1.4.2.cvs20060817~18.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:12", "description": "Check for the Version of yelp", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for yelp FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860287", "href": "http://plugins.openvas.org/nasl.php?oid=860287", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for yelp FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"yelp on Fedora 8\";\ntag_insight = \"Yelp is the Gnome 2 help/documentation browser. It is designed\n to help you browse all the documentation on your system in\n one central tool.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00385.html\");\n script_id(860287);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for yelp FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of yelp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.20.0~7.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:44", "description": "The remote host is missing an update to icedove\nannounced via advisory DSA 1485-1.", "cvss3": {}, "published": "2008-02-15T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1485-1 (icedove)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60362", "href": "http://plugins.openvas.org/nasl.php?oid=60362", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1485_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1485-1 (icedove)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Icedove mail\nclient, an unbranded version of the Thunderbird client. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2008-0412\n\nJesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul\nNickerson discovered crashes in the layout engine, which might allow\nthe execution of arbitrary code.\n\nCVE-2008-0413\n\nCarsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4, shutdown,\nPhilip Taylor and tgirmann discovered crashes in the Javascript\nengine, which might allow the execution of arbitrary code.\n\nCVE-2008-0415\n\nmoz_bug_r_a4 and Boris Zbarsky discovered discovered several\nvulnerabilities in Javascript handling, which could allow\nprivilege escalation.\n\nCVE-2008-0418\n\nGerry Eisenhaur and moz_bug_r_a4 discovered that a directory\ntraversal vulnerability in chrome: URI handling could lead to\ninformation disclosure.\n\nCVE-2008-0419\n\nDavid Bloom discovered a race condition in the image handling of\ndesignMode elements, which can lead to information disclosure or\npotentially the execution of arbitrary code.\n\nCVE-2008-0591\n\nMichal Zalewski discovered that timers protecting security-sensitive\ndialogs (which disable dialog elements until a timeout is reached)\ncould be bypassed by window focus changes through Javascript.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.5.0.13+1.5.0.15b.dfsg1-0etch1.\n\nThe Mozilla products in the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your icedove packages.\";\ntag_summary = \"The remote host is missing an update to icedove\nannounced via advisory DSA 1485-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201485-1\";\n\n\nif(description)\n{\n script_id(60362);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-15 23:29:21 +0100 (Fri, 15 Feb 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1485-1 (icedove)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-inspector\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"1.5.0.13+1.5.0.15a.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-inspector\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-gnome-support\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-typeaheadfind\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"1.5.0.13+1.5.0.15b.dfsg1-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:35", "description": "Check for the Version of epiphany-extensions", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for epiphany-extensions FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860109", "href": "http://plugins.openvas.org/nasl.php?oid=860109", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for epiphany-extensions FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"epiphany-extensions on Fedora 7\";\ntag_insight = \"Epiphany Extensions is a collection of extensions for Epiphany, the\n GNOME web browser.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00273.html\");\n script_id(860109);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for epiphany-extensions FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of epiphany-extensions\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"epiphany-extensions\", rpm:\"epiphany-extensions~2.18.3~7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:55", "description": "Check for the Version of chmsee", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for chmsee FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860442", "href": "http://plugins.openvas.org/nasl.php?oid=860442", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chmsee FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A gtk2 chm document viewer.\n\n It uses chmlib to extract files. It uses gecko to display pages. It supports\n displaying multilingual pages due to gecko. It features bookmarks and tabs.\n The tabs could be used to jump inside the chm file conveniently. Its UI is\n clean and handy, also is well localized. It is actively developed and\n maintained. The author of chmsee is Jungle Ji and several other great people.\n \n Hint\n * Unlike other chm viewers, chmsee extracts files from chm file, and then read\n and display them. The extracted files could be found in $HOME/.chmsee/bookshelf\n directory. You can clean those files at any time and there is a special config\n option for that.\n * The bookmark is related to each file so not all bookmarks will be loaded,\n only current file's.\n * Try to remove $HOME/.chmsee if you encounter any problem after an upgrade.\";\n\ntag_affected = \"chmsee on Fedora 8\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00375.html\");\n script_id(860442);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for chmsee FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of chmsee\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"chmsee\", rpm:\"chmsee~1.0.0~1.28.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:00", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860306", "href": "http://plugins.openvas.org/nasl.php?oid=860306", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 7\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.html\");\n script_id(860306);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for firefox FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~2.0.0.12~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:56", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-hu\n mozilla-cs\n mozilla-venkman\n mozilla-dom-inspector\n mozilla-mail\n mozilla-calendar\n mozilla-devel\n mozilla-irc\n mozilla-deat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021982 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Mozilla", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065196", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065196", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021982.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Mozilla\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-hu\n mozilla-cs\n mozilla-venkman\n mozilla-dom-inspector\n mozilla-mail\n mozilla-calendar\n mozilla-devel\n mozilla-irc\n mozilla-deat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021982 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65196\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-0594\", \"CVE-2008-0593\", \"CVE-2008-0592\", \"CVE-2008-0591\", \"CVE-2008-0419\", \"CVE-2008-0418\", \"CVE-2008-0417\", \"CVE-2008-0415\", \"CVE-2008-0414\", \"CVE-2008-0412\", \"CVE-2008-0413\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Mozilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla\", rpm:\"mozilla~1.8_seamonkey_1.0.9~1.10\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:09", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for seamonkey FEDORA-2008-1459", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860975", "href": "http://plugins.openvas.org/nasl.php?oid=860975", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for seamonkey FEDORA-2008-1459\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"seamonkey on Fedora 8\";\ntag_insight = \"SeaMonkey is an all-in-one Internet application suite. It includes\n a browser, mail/news client, IRC client, JavaScript debugger, and\n a tool to inspect the DOM for web pages. It is derived from the\n application formerly known as Mozilla Application Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.html\");\n script_id(860975);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1459\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"Fedora Update for seamonkey FEDORA-2008-1459\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.8~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:01", "description": "The remote host is missing an update to iceape\nannounced via advisory DSA 1506-1.", "cvss3": {}, "published": "2008-02-28T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1506-1 (iceape)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60441", "href": "http://plugins.openvas.org/nasl.php?oid=60441", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1506_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1506-1 (iceape)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in the Iceape internet\nsuite, an unbranded version of the Seamonkey Internet Suite.\nFor details, please visit the referenced security advisories.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.0.12~pre080131b-0etch1.\n\nThe Mozilla releases from the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your iceape packages.\";\ntag_summary = \"The remote host is missing an update to iceape\nannounced via advisory DSA 1506-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201506-1\";\n\n\nif(description)\n{\n script_id(60441);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-28 02:09:28 +0100 (Thu, 28 Feb 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1506-1 (iceape)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mozilla\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-calendar\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-js-debugger\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-chatzilla\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dev\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-dom-inspector\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-chatzilla\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-dev\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-mailnews\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-psm\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-browser\", ver:\"1.8+1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dom-inspector\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dbg\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-gnome-support\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-calendar\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-mailnews\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-browser\", ver:\"1.0.12~pre080131b-0etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:22", "description": "Check for the Version of yelp", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for yelp FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860054", "href": "http://plugins.openvas.org/nasl.php?oid=860054", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for yelp FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"yelp on Fedora 7\";\ntag_insight = \"Yelp is the Gnome 2 help/documentation browser. It is designed\n to help you browse all the documentation on your system in\n one central tool.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00283.html\");\n script_id(860054);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for yelp FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of yelp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.18.1~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:23", "description": "Check for the Version of chmsee", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for chmsee FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860588", "href": "http://plugins.openvas.org/nasl.php?oid=860588", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for chmsee FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A gtk2 chm document viewer.\n\n It uses chmlib to extract files. It uses gecko to display pages. It supports\n displaying multilingual pages due to gecko. It features bookmarks and tabs.\n The tabs could be used to jump inside the chm file conveniently. Its UI is\n clean and handy, also is well localized. It is actively developed and\n maintained. The author of chmsee is Jungle Ji and several other great people.\n \n Hint\n * Unlike other chm viewers, chmsee extracts files from chm file, and then read\n and display them. The extracted files could be found in $HOME/.chmsee/bookshelf\n directory. You can clean those files at any time and there is a special config\n option for that.\n * The bookmark is related to each file so not all bookmarks will be loaded,\n only current file's.\n * Try to remove $HOME/.chmsee if you encounter any problem after an upgrade.\";\n\ntag_affected = \"chmsee on Fedora 7\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00272.html\");\n script_id(860588);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for chmsee FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of chmsee\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"chmsee\", rpm:\"chmsee~1.0.0~1.28.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:15", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860714", "href": "http://plugins.openvas.org/nasl.php?oid=860714", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 8\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00380.html\");\n script_id(860714);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for firefox FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~2.0.0.12~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:05", "description": "Check for the Version of gnome-python2-extras", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-python2-extras FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860802", "href": "http://plugins.openvas.org/nasl.php?oid=860802", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-python2-extras on Fedora 7\";\ntag_insight = \"The gnome-python-extra package contains the source packages for additional\n Python bindings for GNOME. It should be used together with gnome-python.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00277.html\");\n script_id(860802);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for gnome-python2-extras FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of gnome-python2-extras\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.14.3~8.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:23", "description": "Check for the Version of Miro", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for Miro FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860787", "href": "http://plugins.openvas.org/nasl.php?oid=860787", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for Miro FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"Miro on Fedora 7\";\ntag_insight = \"Miro is a free application that turns your computer into an\n internet TV video player. This release is still a beta version, which means\n that there are some bugs, but we're moving quickly to fix them and will be\n releasing bug fixes on a regular basis.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00284.html\");\n script_id(860787);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for Miro FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of Miro\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"Miro\", rpm:\"Miro~1.1~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:35", "description": "Check for the Version of openvrml", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for openvrml FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860538", "href": "http://plugins.openvas.org/nasl.php?oid=860538", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openvrml FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openvrml on Fedora 8\";\ntag_insight = \"OpenVRML is a VRML/X3D support library, including a runtime and facilities\n for reading and displaying VRML and X3D models.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00387.html\");\n script_id(860538);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for openvrml FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of openvrml\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"openvrml\", rpm:\"openvrml~0.17.5~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:46", "description": "Check for the Version of gnome-web-photo", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-web-photo FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860616", "href": "http://plugins.openvas.org/nasl.php?oid=860616", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-web-photo FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-web-photo on Fedora 8\";\ntag_insight = \"gnome-web-photo contains a thumbnailer that will be used by GNOME applications,\n including the file manager, to generate screenshots of web pages.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00377.html\");\n script_id(860616);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for gnome-web-photo FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of gnome-web-photo\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-web-photo\", rpm:\"gnome-web-photo~0.3~8.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:59", "description": "Check for the Version of devhelp", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for devhelp FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860693", "href": "http://plugins.openvas.org/nasl.php?oid=860693", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for devhelp FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"devhelp on Fedora 8\";\ntag_insight = \"An API document browser for GNOME 2.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00373.html\");\n script_id(860693);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for devhelp FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of devhelp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.16.1~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:49", "description": "Check for the Version of epiphany", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for epiphany FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860822", "href": "http://plugins.openvas.org/nasl.php?oid=860822", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for epiphany FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"epiphany on Fedora 8\";\ntag_insight = \"epiphany is a simple GNOME web browser based on the Mozilla rendering\n engine.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00379.html\");\n script_id(860822);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for epiphany FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of epiphany\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.20.2~3.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:15", "description": "Check for the Version of epiphany-extensions", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for epiphany-extensions FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860234", "href": "http://plugins.openvas.org/nasl.php?oid=860234", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for epiphany-extensions FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"epiphany-extensions on Fedora 8\";\ntag_insight = \"Epiphany Extensions is a collection of extensions for Epiphany, the\n GNOME web browser.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00376.html\");\n script_id(860234);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for epiphany-extensions FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of epiphany-extensions\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"epiphany-extensions\", rpm:\"epiphany-extensions~2.20.1~5.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:58", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for seamonkey FEDORA-2008-1669", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860184", "href": "http://plugins.openvas.org/nasl.php?oid=860184", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for seamonkey FEDORA-2008-1669\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"seamonkey on Fedora 7\";\ntag_insight = \"SeaMonkey is an all-in-one Internet application suite. It includes\n a browser, mail/news client, IRC client, JavaScript debugger, and\n a tool to inspect the DOM for web pages. It is derived from the\n application formerly known as Mozilla Application Suite.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00518.html\");\n script_id(860184);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1669\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"Fedora Update for seamonkey FEDORA-2008-1669\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.8~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:01", "description": "The remote host is missing an update to iceape\nannounced via advisory DSA 1506-2.", "cvss3": {}, "published": "2008-03-27T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1506-2 (iceape)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:60615", "href": "http://plugins.openvas.org/nasl.php?oid=60615", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1506_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1506-2 (iceape)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A regression has been fixed in iceape's frame handling code.\nFor details, please visit the referenced advisories.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 1.0.12~pre080131b-0etch2.\n\nThe Mozilla releases from the old stable distribution (sarge) are no\nlonger supported with security updates.\n\nWe recommend that you upgrade your iceape packages.\";\ntag_summary = \"The remote host is missing an update to iceape\nannounced via advisory DSA 1506-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201506-2\";\n\n\nif(description)\n{\n script_id(60615);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-03-27 18:25:13 +0100 (Thu, 27 Mar 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1506-2 (iceape)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"iceape-dev\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-psm\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-js-debugger\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-dom-inspector\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-browser\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-dev\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-mailnews\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-calendar\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-chatzilla\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mozilla-chatzilla\", ver:\"1.8+1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-calendar\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dbg\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-mailnews\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-gnome-support\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-browser\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"iceape-dom-inspector\", ver:\"1.0.12~pre080131b-0etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:58", "description": "Check for the Version of kazehakase", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for kazehakase FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860429", "href": "http://plugins.openvas.org/nasl.php?oid=860429", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kazehakase FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kazehakase on Fedora 8\";\ntag_insight = \"Kazehakase is a Web browser which aims to provide\n a user interface that is truly user-friendly & fully customizable.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00382.html\");\n script_id(860429);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for kazehakase FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of kazehakase\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"kazehakase\", rpm:\"kazehakase~0.5.2~1.fc8.2\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:17", "description": "Check for the Version of kazehakase", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for kazehakase FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860637", "href": "http://plugins.openvas.org/nasl.php?oid=860637", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kazehakase FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kazehakase on Fedora 7\";\ntag_insight = \"Kazehakase is a Web browser which aims to provide\n a user interface that is truly user-friendly & fully customizable.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00282.html\");\n script_id(860637);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for kazehakase FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of kazehakase\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kazehakase\", rpm:\"kazehakase~0.5.2~1.fc7.2\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:26", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-hu\n mozilla-cs\n mozilla-venkman\n mozilla-dom-inspector\n mozilla-mail\n mozilla-calendar\n mozilla-devel\n mozilla-irc\n mozilla-deat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021982 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Mozilla", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65196", "href": "http://plugins.openvas.org/nasl.php?oid=65196", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5021982.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Mozilla\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n mozilla\n mozilla-hu\n mozilla-cs\n mozilla-venkman\n mozilla-dom-inspector\n mozilla-mail\n mozilla-calendar\n mozilla-devel\n mozilla-irc\n mozilla-deat\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5021982 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65196);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-0594\", \"CVE-2008-0593\", \"CVE-2008-0592\", \"CVE-2008-0591\", \"CVE-2008-0419\", \"CVE-2008-0418\", \"CVE-2008-0417\", \"CVE-2008-0415\", \"CVE-2008-0414\", \"CVE-2008-0412\", \"CVE-2008-0413\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Mozilla\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"mozilla\", rpm:\"mozilla~1.8_seamonkey_1.0.9~1.10\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:26", "description": "Check for the Version of gtkmozembedmm", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for gtkmozembedmm FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860051", "href": "http://plugins.openvas.org/nasl.php?oid=860051", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gtkmozembedmm FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gtkmozembedmm on Fedora 7\";\ntag_insight = \"This package provides a C++/gtkmm wrapper for GtkMozEmbed\n from Mozilla 1.4.x to 1.7.x.\n The wrapper provides a convenient interface for C++ programmers\n to use the Gtkmozembed HTML-rendering widget inside their software.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00276.html\");\n script_id(860051);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for gtkmozembedmm FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of gtkmozembedmm\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"gtkmozembedmm\", rpm:\"gtkmozembedmm~1.4.2.cvs20060817~15.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:20:35", "description": "Check for the Version of MozillaFirefox,seamonkey", "cvss3": {}, "published": "2009-01-23T00:00:00", "type": "openvas", "title": "SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:008", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850020", "href": "http://plugins.openvas.org/nasl.php?oid=850020", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_008.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:008\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The web browser Mozilla Firefox has been brought to security update\n version 2.0.0.12.\n\n The Firefox versions was upgraded to 2.0.0.12 on:\n - SUSE Linux 10.1, openSUSE 10.2 and 10.3\n - SUSE Linux Enterprise Server and Desktop 10\n\n All Firefox fixes were also back ported to the Firefox 1.5.0.14 version\n in Novell Linux Desktop 9.\n\n Also released were Mozilla Seamonkey Suite 1.8.1.12 packages for\n openSUSE 10.2 and 10.3. All Mozilla Seamonkey fixes were back ported\n to the SUSE Linux 10.1 seamonkey 1.8.0 version.\n\n Following security problems were fixed:\n - CVE-2008-0594 Web forgery overwrite with div overlay\n - CVE-2008-0593 URL token stealing via stylesheet redirect\n - CVE-2008-0592 Mishandling of locally-saved plain text files\n - CVE-2008-0591 File action dialog tampering\n - CVE-2008-0419 Web browsing history and forward navigation\n stealing\n - CVE-2008-0418 Directory traversal via chrome: URI\n - CVE-2008-0417 Stored password corruption\n - CVE-2008-0415 Privilege escalation, XSS, Remote Code\n Execution\n - CVE-2008-0414 Multiple file input focus stealing\n vulnerabilities\n - CVE-2008-0413 Crashes with evidence of\n memory corruption (rv:1.8.1.12)\";\n\ntag_impact = \"remote code execution\";\ntag_affected = \"MozillaFirefox,seamonkey on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850020);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2008-008\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_name( \"SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:008\");\n\n script_summary(\"Check for the Version of MozillaFirefox,seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.1.8~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.12~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.12~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"openSUSE10.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.12~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.12~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.1.8~0.1\", rls:\"openSUSE10.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~1.5.0.12~0.9\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~1.5.0.12~0.9\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.12~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.12~0.2\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDk10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.12~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.12~0.2\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SL10.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~2.0.0.12~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations\", rpm:\"MozillaFirefox-translations~2.0.0.12~0.2\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-calendar\", rpm:\"seamonkey-calendar~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-spellchecker\", rpm:\"seamonkey-spellchecker~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~1.0.9~1.10\", rls:\"SL10.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:38", "description": "Check for the Version of openvrml", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for openvrml FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860105", "href": "http://plugins.openvas.org/nasl.php?oid=860105", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openvrml FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"openvrml on Fedora 7\";\ntag_insight = \"OpenVRML is a VRML/X3D support library, including a runtime and facilities\n for reading and displaying VRML and X3D models.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00285.html\");\n script_id(860105);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for openvrml FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of openvrml\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"openvrml\", rpm:\"openvrml~0.16.7~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:53", "description": "Check for the Version of gnome-python2-extras", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-python2-extras FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860415", "href": "http://plugins.openvas.org/nasl.php?oid=860415", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-python2-extras on Fedora 8\";\ntag_insight = \"The gnome-python-extra package contains the source packages for additional\n Python bindings for GNOME. It should be used together with gnome-python.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00378.html\");\n script_id(860415);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for gnome-python2-extras FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of gnome-python2-extras\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.19.1~12.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:58", "description": "Check for the Version of epiphany", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for epiphany FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860719", "href": "http://plugins.openvas.org/nasl.php?oid=860719", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for epiphany FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"epiphany on Fedora 7\";\ntag_insight = \"epiphany is a simple GNOME web browser based on the Mozilla rendering\n engine.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00280.html\");\n script_id(860719);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for epiphany FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of epiphany\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.18.3~6.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:15", "description": "Check for the Version of Miro", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for Miro FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860857", "href": "http://plugins.openvas.org/nasl.php?oid=860857", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for Miro FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"Miro on Fedora 8\";\ntag_insight = \"Miro is a free application that turns your computer into an\n internet TV video player. This release is still a beta version, which means\n that there are some bugs, but we're moving quickly to fix them and will be\n releasing bug fixes on a regular basis.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00384.html\");\n script_id(860857);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for Miro FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of Miro\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"Miro\", rpm:\"Miro~1.1~3.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:05", "description": "Check for the Version of galeon", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for galeon FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860512", "href": "http://plugins.openvas.org/nasl.php?oid=860512", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for galeon FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"galeon on Fedora 7\";\ntag_insight = \"Galeon is a web browser built around Gecko (Mozilla's rendering\n engine) and Necko (Mozilla's networking engine). It's a GNOME web\n browser, designed to take advantage of as many GNOME technologies as\n makes sense. Galeon was written to do just one thing - browse the web.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00278.html\");\n script_id(860512);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for galeon FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of galeon\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.3~15.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:05", "description": "Check for the Version of devhelp", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for devhelp FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860679", "href": "http://plugins.openvas.org/nasl.php?oid=860679", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for devhelp FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"devhelp on Fedora 7\";\ntag_insight = \"An API document browser for GNOME 2.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00275.html\");\n script_id(860679);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for devhelp FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of devhelp\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.13~13.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:03", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880017", "href": "http://plugins.openvas.org/nasl.php?oid=880017", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014667.html\");\n script_id(880017);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:45", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880157", "href": "http://plugins.openvas.org/nasl.php?oid=880157", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014669.html\");\n script_id(880157);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos5 x86_64\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:36", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880017", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880017", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014667.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880017\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:13", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-576-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for firefox vulnerabilities USN-576-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840192", "href": "http://plugins.openvas.org/nasl.php?oid=840192", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_576_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for firefox vulnerabilities USN-576-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Various flaws were discovered in the browser and JavaScript engine.\n By tricking a user into opening a malicious web page, an attacker\n could execute arbitrary code with the user's privileges.\n (CVE-2008-0412, CVE-2008-0413)\n\n Flaws were discovered in the file upload form control. A malicious\n website could force arbitrary files from the user's computer to be\n uploaded without consent. (CVE-2008-0414)\n \n Various flaws were discovered in the JavaScript engine. By tricking\n a user into opening a malicious web page, an attacker could escalate\n privileges within the browser, perform cross-site scripting attacks\n and/or execute arbitrary code with the user's privileges. (CVE-2008-0415)\n \n Various flaws were discovered in character encoding handling. If a\n user were ticked into opening a malicious web page, an attacker\n could perform cross-site scripting attacks. (CVE-2008-0416)\n \n Justin Dolske discovered a flaw in the password saving mechanism. By\n tricking a user into opening a malicious web page, an attacker could\n corrupt the user's stored passwords. (CVE-2008-0417)\n \n Gerry Eisenhaur discovered that the chrome URI scheme did not properly\n guard against directory traversal. Under certain circumstances, an\n attacker may be able to load files or steal session data. Ubuntu is\n not vulnerable in the default installation. (CVE-2008-0418)\n \n David Bloom discovered flaws in the way images are treated by the\n browser. A malicious website could exploit this to steal the user's\n history information, crash the browser and/or possibly execute\n arbitrary code with the user's privileges. (CVE-2008-0419)\n \n Flaws were discovered in the BMP decoder. By tricking a user into\n opening a specially crafted BMP file, an attacker could obtain\n sensitive information. (CVE-2008-0420)\n \n Michal Zalewski discovered flaws with timer-enabled security dialogs.\n A malicious website could force the user to confirm a security dialog\n without explicit consent. (CVE-2008-0591)\n \n It was discovered that Firefox mishandled locally saved plain text\n files. By tricking a user into saving a specially crafted text file,\n an attacker could prevent the browser from displaying local files\n with a .txt extension. (CVE-2008-0592)\n \n Martin Straka discovered flaws in stylesheet handling after a 302\n redirect. By tricking a user into opening a malicious web page, an\n attacker could obtain sensitive URL parameters. (CVE-2008-0593)\n \n Emil Ljungdahl and Lars-Olof Moilanen discovered that a web forgery\n warning dialog wasn't displayed under certain circumstances. A\n malicious website could exploit this to conduct phishing attacks\n against the user. (CVE-2008-0594)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-576-1\";\ntag_affected = \"firefox vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-576-1/\");\n script_id(840192);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"576-1\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_name( \"Ubuntu Update for firefox vulnerabilities USN-576-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox-dbg\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr-dev\", ver:\"1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4\", ver:\"1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss-dev\", ver:\"1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"1.firefox2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-dev\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-dom-inspector\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-gnome-support\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox\", ver:\"2.0.0.12+1nobinonly+2-0ubuntu0.7.4\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox-dbg\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr-dev\", ver:\"1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4\", ver:\"1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss-dev\", ver:\"1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"1.firefox1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-dev\", ver:\"1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox-dbg\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr-dev\", ver:\"1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnspr4\", ver:\"1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss-dev\", ver:\"1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libnss3\", ver:\"1.firefox2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-dev\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-dom-inspector\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox-gnome-support\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mozilla-firefox\", ver:\"2.0.0.12+0nobinonly+2-0ubuntu0.6.10\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"firefox-dbg\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dev\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-gnome-support\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-libthai\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firefox-dom-inspector\", ver:\"2.0.0.12+2nobinonly+2-0ubuntu0.7.10\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:04", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880022", "href": "http://plugins.openvas.org/nasl.php?oid=880022", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014668.html\");\n script_id(880022);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos4 i386\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:09", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880161", "href": "http://plugins.openvas.org/nasl.php?oid=880161", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014663.html\");\n script_id(880161);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos4 x86_64\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:30", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880157", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880157", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014669.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880157\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:11", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880131", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880131", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 2\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014682.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880131\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:35", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880161", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880161", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014663.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880161\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:02", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880191", "href": "http://plugins.openvas.org/nasl.php?oid=880191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014664.html\");\n script_id(880191);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos4 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:50", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for seamonkey RHSA-2008:0104-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870039", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870039", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for seamonkey RHSA-2008:0104-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on Red Hat Enterprise Linux AS (Advanced Server) version 2.1,\n Red Hat Enterprise Linux ES version 2.1,\n Red Hat Enterprise Linux WS version 2.1,\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00002.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870039\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0104-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for seamonkey RHSA-2008:0104-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_2.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:17", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880164", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880164", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014678.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880164\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:29", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880136", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880136", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014670.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880136\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:59", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880054", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880054", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014662.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880054\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:14", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880191", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880191", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014664.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880191\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:28", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2008-09-04T00:00:00", "type": "openvas", "title": "FreeBSD Ports: firefox", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2016-09-19T00:00:00", "id": "OPENVAS:60456", "href": "http://plugins.openvas.org/nasl.php?oid=60456", "sourceData": "#\n#VID 810a5197-e0d9-11dc-891a-02061b08fc24\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n firefox\n linux-firefox\n seamonkey\n linux-seamonkey\n flock\n linux-flock\n linux-firefox-devel\n linux-seamonkey-devel\n\nFor details, please visit the referenced security advisories.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.mozilla.org/projects/security/known-vulnerabilities.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-01.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-02.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-03.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-04.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-05.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-06.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-07.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-08.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-09.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-10.html\nhttp://www.mozilla.org/security/announce/2008/mfsa2008-11.html\nhttp://www.vuxml.org/freebsd/810a5197-e0d9-11dc-891a-02061b08fc24.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(60456);\n script_version(\"$Revision: 4112 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-19 15:17:59 +0200 (Mon, 19 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: firefox\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0.12,1\")<0) {\n txt += 'Package firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.0.0.12\")<0) {\n txt += 'Package linux-firefox version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.8\")<0) {\n txt += 'Package seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.1.8\")<0) {\n txt += 'Package linux-seamonkey version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"flock\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0.9\")<0) {\n txt += 'Package flock version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-flock\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.0.9\")<0) {\n txt += 'Package linux-flock version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package linux-firefox-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package linux-seamonkey-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:37", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880131", "href": "http://plugins.openvas.org/nasl.php?oid=880131", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 2\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014682.html\");\n script_id(880131);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104-01 centos2 i386\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el2.c2.1\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:11", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880295", "href": "http://plugins.openvas.org/nasl.php?oid=880295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014677.html\");\n script_id(880295);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos3 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:48", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880036", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880036", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014661.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880036\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:57", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880295", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014677.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880295\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:38", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880022", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880022", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014668.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880022\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:46", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880203", "href": "http://plugins.openvas.org/nasl.php?oid=880203", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014671.html\");\n script_id(880203);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos5 i386\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:10", "description": "Check for the Version of blam", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for blam FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2005-4790", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860601", "href": "http://plugins.openvas.org/nasl.php?oid=860601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for blam FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"blam on Fedora 8\";\ntag_insight = \"Blam is a tool that helps you keep track of the growing\n number of news feeds distributed as RSS. Blam lets you\n subscribe to any number of feeds and provides an easy to\n use and clean interface to stay up to date\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00374.html\");\n script_id(860601);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2005-4790\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for blam FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of blam\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"blam\", rpm:\"blam~1.8.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:38", "description": "Check for the Version of mozilla-firefox", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830624", "href": "http://plugins.openvas.org/nasl.php?oid=830624", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Firefox program, version 2.0.0.12.\n\n This update provides the latest Firefox to correct these issues.\";\n\ntag_affected = \"mozilla-firefox on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-02/msg00030.php\");\n script_id(830624);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:048\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_name( \"Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)\");\n\n script_summary(\"Check for the Version of mozilla-firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"deskbar-applet\", rpm:\"deskbar-applet~2.18.0~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-ecj\", rpm:\"eclipse-ecj~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt\", rpm:\"eclipse-jdt~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt-sdk\", rpm:\"eclipse-jdt-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde\", rpm:\"eclipse-pde~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-runtime\", rpm:\"eclipse-pde-runtime~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-sdk\", rpm:\"eclipse-pde-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform\", rpm:\"eclipse-platform~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform-sdk\", rpm:\"eclipse-platform-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp\", rpm:\"eclipse-rcp~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp-sdk\", rpm:\"eclipse-rcp-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-sdk\", rpm:\"eclipse-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.18.0~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.18.0~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-extensions\", rpm:\"epiphany-extensions~2.18.0~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.3~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gksu\", rpm:\"gnome-python-gksu~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0-devel\", rpm:\"libdevhelp-1_0-devel~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox-devel\", rpm:\"libmozilla-firefox-devel~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox2.0.0.12\", rpm:\"libmozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libswt3-gtk2\", rpm:\"libswt3-gtk2~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser1\", rpm:\"libtotem-plparser1~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser1-devel\", rpm:\"libtotem-plparser1-devel~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox\", rpm:\"mozilla-firefox~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-af\", rpm:\"mozilla-firefox-af~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ar\", rpm:\"mozilla-firefox-ar~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-be\", rpm:\"mozilla-firefox-be~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-bg\", rpm:\"mozilla-firefox-bg~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-br_FR\", rpm:\"mozilla-firefox-br_FR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ca\", rpm:\"mozilla-firefox-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-cs\", rpm:\"mozilla-firefox-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-da\", rpm:\"mozilla-firefox-da~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-de\", rpm:\"mozilla-firefox-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-el\", rpm:\"mozilla-firefox-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-en_GB\", rpm:\"mozilla-firefox-en_GB~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_AR\", rpm:\"mozilla-firefox-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_ES\", rpm:\"mozilla-firefox-es_ES~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-et_EE\", rpm:\"mozilla-firefox-et_EE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-eu\", rpm:\"mozilla-firefox-eu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fi\", rpm:\"mozilla-firefox-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fr\", rpm:\"mozilla-firefox-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fy\", rpm:\"mozilla-firefox-fy~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ga\", rpm:\"mozilla-firefox-ga~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gu_IN\", rpm:\"mozilla-firefox-gu_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-he\", rpm:\"mozilla-firefox-he~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-hu\", rpm:\"mozilla-firefox-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-it\", rpm:\"mozilla-firefox-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ja\", rpm:\"mozilla-firefox-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ka\", rpm:\"mozilla-firefox-ka~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ko\", rpm:\"mozilla-firefox-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ku\", rpm:\"mozilla-firefox-ku~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-lt\", rpm:\"mozilla-firefox-lt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mk\", rpm:\"mozilla-firefox-mk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mn\", rpm:\"mozilla-firefox-mn~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nb_NO\", rpm:\"mozilla-firefox-nb_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nl\", rpm:\"mozilla-firefox-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nn_NO\", rpm:\"mozilla-firefox-nn_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pa_IN\", rpm:\"mozilla-firefox-pa_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pl\", rpm:\"mozilla-firefox-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_BR\", rpm:\"mozilla-firefox-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_PT\", rpm:\"mozilla-firefox-pt_PT~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ro\", rpm:\"mozilla-firefox-ro~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ru\", rpm:\"mozilla-firefox-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sk\", rpm:\"mozilla-firefox-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sl\", rpm:\"mozilla-firefox-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sv_SE\", rpm:\"mozilla-firefox-sv_SE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-tr\", rpm:\"mozilla-firefox-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-uk\", rpm:\"mozilla-firefox-uk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_CN\", rpm:\"mozilla-firefox-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_TW\", rpm:\"mozilla-firefox-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem\", rpm:\"totem~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-common\", rpm:\"totem-common~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-gstreamer\", rpm:\"totem-gstreamer~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla\", rpm:\"totem-mozilla~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla-gstreamer\", rpm:\"totem-mozilla-gstreamer~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.18.0~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse\", rpm:\"eclipse~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-l10n\", rpm:\"mozilla-firefox-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0-devel\", rpm:\"lib64devhelp-1_0-devel~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox-devel\", rpm:\"lib64mozilla-firefox-devel~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox2.0.0.12\", rpm:\"lib64mozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser1\", rpm:\"lib64totem-plparser1~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser1-devel\", rpm:\"lib64totem-plparser1-devel~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-cvs-client\", rpm:\"eclipse-cvs-client~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-ecj\", rpm:\"eclipse-ecj~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt\", rpm:\"eclipse-jdt~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde\", rpm:\"eclipse-pde~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-runtime\", rpm:\"eclipse-pde-runtime~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform\", rpm:\"eclipse-platform~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp\", rpm:\"eclipse-rcp~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.20.0~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.20.0~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.3~7.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gksu\", rpm:\"gnome-python-gksu~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1-devel\", rpm:\"libdevhelp-1-devel~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox-devel\", rpm:\"libmozilla-firefox-devel~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox2.0.0.12\", rpm:\"libmozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libswt3-gtk2\", rpm:\"libswt3-gtk2~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser-devel\", rpm:\"libtotem-plparser-devel~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser7\", rpm:\"libtotem-plparser7~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox\", rpm:\"mozilla-firefox~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-af\", rpm:\"mozilla-firefox-af~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ar\", rpm:\"mozilla-firefox-ar~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-be\", rpm:\"mozilla-firefox-be~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-bg\", rpm:\"mozilla-firefox-bg~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-br_FR\", rpm:\"mozilla-firefox-br_FR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ca\", rpm:\"mozilla-firefox-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-cs\", rpm:\"mozilla-firefox-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-da\", rpm:\"mozilla-firefox-da~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-de\", rpm:\"mozilla-firefox-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-el\", rpm:\"mozilla-firefox-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-en_GB\", rpm:\"mozilla-firefox-en_GB~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_AR\", rpm:\"mozilla-firefox-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_ES\", rpm:\"mozilla-firefox-es_ES~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-et_EE\", rpm:\"mozilla-firefox-et_EE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-eu\", rpm:\"mozilla-firefox-eu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-blogrovr\", rpm:\"mozilla-firefox-ext-blogrovr~1.1.771~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-foxmarks\", rpm:\"mozilla-firefox-ext-foxmarks~2.0.43~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-scribefire\", rpm:\"mozilla-firefox-ext-scribefire~1.4.2~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fi\", rpm:\"mozilla-firefox-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fr\", rpm:\"mozilla-firefox-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fy\", rpm:\"mozilla-firefox-fy~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ga\", rpm:\"mozilla-firefox-ga~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gnome-support\", rpm:\"mozilla-firefox-gnome-support~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gu_IN\", rpm:\"mozilla-firefox-gu_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-he\", rpm:\"mozilla-firefox-he~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-hu\", rpm:\"mozilla-firefox-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-it\", rpm:\"mozilla-firefox-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ja\", rpm:\"mozilla-firefox-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ka\", rpm:\"mozilla-firefox-ka~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ko\", rpm:\"mozilla-firefox-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ku\", rpm:\"mozilla-firefox-ku~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-lt\", rpm:\"mozilla-firefox-lt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mk\", rpm:\"mozilla-firefox-mk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mn\", rpm:\"mozilla-firefox-mn~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nb_NO\", rpm:\"mozilla-firefox-nb_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nl\", rpm:\"mozilla-firefox-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nn_NO\", rpm:\"mozilla-firefox-nn_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pa_IN\", rpm:\"mozilla-firefox-pa_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pl\", rpm:\"mozilla-firefox-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_BR\", rpm:\"mozilla-firefox-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_PT\", rpm:\"mozilla-firefox-pt_PT~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ro\", rpm:\"mozilla-firefox-ro~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ru\", rpm:\"mozilla-firefox-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sk\", rpm:\"mozilla-firefox-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sl\", rpm:\"mozilla-firefox-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sv_SE\", rpm:\"mozilla-firefox-sv_SE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-tr\", rpm:\"mozilla-firefox-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-uk\", rpm:\"mozilla-firefox-uk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_CN\", rpm:\"mozilla-firefox-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_TW\", rpm:\"mozilla-firefox-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem\", rpm:\"totem~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-common\", rpm:\"totem-common~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-gstreamer\", rpm:\"totem-gstreamer~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla\", rpm:\"totem-mozilla~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla-gstreamer\", rpm:\"totem-mozilla-gstreamer~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.20.0~3.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse\", rpm:\"eclipse~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-l10n\", rpm:\"mozilla-firefox-l10n~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1-devel\", rpm:\"lib64devhelp-1-devel~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox-devel\", rpm:\"lib64mozilla-firefox-devel~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox2.0.0.12\", rpm:\"lib64mozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser-devel\", rpm:\"lib64totem-plparser-devel~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser7\", rpm:\"lib64totem-plparser7~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:51", "description": "Check for the Version of ruby-gnome2", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for ruby-gnome2 FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2007-6183", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860316", "href": "http://plugins.openvas.org/nasl.php?oid=860316", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby-gnome2 FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby-gnome2 on Fedora 7\";\ntag_insight = \"This is a set of bindings for the GNOME-2.x libraries for use from Ruby.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00279.html\");\n script_id(860316);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2007-6183\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for ruby-gnome2 FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of ruby-gnome2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby-gnome2\", rpm:\"ruby-gnome2~0.16.0~21.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:07", "description": "Check for the Version of mozilla-firefox", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830624", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830624", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Firefox program, version 2.0.0.12.\n\n This update provides the latest Firefox to correct these issues.\";\n\ntag_affected = \"mozilla-firefox on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-02/msg00030.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830624\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:048\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0414\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\", \"CVE-2008-0594\");\n script_name( \"Mandriva Update for mozilla-firefox MDVSA-2008:048 (mozilla-firefox)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of mozilla-firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"deskbar-applet\", rpm:\"deskbar-applet~2.18.0~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-ecj\", rpm:\"eclipse-ecj~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt\", rpm:\"eclipse-jdt~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt-sdk\", rpm:\"eclipse-jdt-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde\", rpm:\"eclipse-pde~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-runtime\", rpm:\"eclipse-pde-runtime~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-sdk\", rpm:\"eclipse-pde-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform\", rpm:\"eclipse-platform~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform-sdk\", rpm:\"eclipse-platform-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp\", rpm:\"eclipse-rcp~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp-sdk\", rpm:\"eclipse-rcp-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-sdk\", rpm:\"eclipse-sdk~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.18.0~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.18.0~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-extensions\", rpm:\"epiphany-extensions~2.18.0~2.5mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.3~5.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gksu\", rpm:\"gnome-python-gksu~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.14.3~4.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0-devel\", rpm:\"libdevhelp-1_0-devel~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox-devel\", rpm:\"libmozilla-firefox-devel~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox2.0.0.12\", rpm:\"libmozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libswt3-gtk2\", rpm:\"libswt3-gtk2~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser1\", rpm:\"libtotem-plparser1~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser1-devel\", rpm:\"libtotem-plparser1-devel~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox\", rpm:\"mozilla-firefox~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-af\", rpm:\"mozilla-firefox-af~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ar\", rpm:\"mozilla-firefox-ar~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-be\", rpm:\"mozilla-firefox-be~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-bg\", rpm:\"mozilla-firefox-bg~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-br_FR\", rpm:\"mozilla-firefox-br_FR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ca\", rpm:\"mozilla-firefox-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-cs\", rpm:\"mozilla-firefox-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-da\", rpm:\"mozilla-firefox-da~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-de\", rpm:\"mozilla-firefox-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-el\", rpm:\"mozilla-firefox-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-en_GB\", rpm:\"mozilla-firefox-en_GB~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_AR\", rpm:\"mozilla-firefox-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_ES\", rpm:\"mozilla-firefox-es_ES~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-et_EE\", rpm:\"mozilla-firefox-et_EE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-eu\", rpm:\"mozilla-firefox-eu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fi\", rpm:\"mozilla-firefox-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fr\", rpm:\"mozilla-firefox-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fy\", rpm:\"mozilla-firefox-fy~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ga\", rpm:\"mozilla-firefox-ga~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gu_IN\", rpm:\"mozilla-firefox-gu_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-he\", rpm:\"mozilla-firefox-he~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-hu\", rpm:\"mozilla-firefox-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-it\", rpm:\"mozilla-firefox-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ja\", rpm:\"mozilla-firefox-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ka\", rpm:\"mozilla-firefox-ka~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ko\", rpm:\"mozilla-firefox-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ku\", rpm:\"mozilla-firefox-ku~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-lt\", rpm:\"mozilla-firefox-lt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mk\", rpm:\"mozilla-firefox-mk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mn\", rpm:\"mozilla-firefox-mn~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nb_NO\", rpm:\"mozilla-firefox-nb_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nl\", rpm:\"mozilla-firefox-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nn_NO\", rpm:\"mozilla-firefox-nn_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pa_IN\", rpm:\"mozilla-firefox-pa_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pl\", rpm:\"mozilla-firefox-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_BR\", rpm:\"mozilla-firefox-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_PT\", rpm:\"mozilla-firefox-pt_PT~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ro\", rpm:\"mozilla-firefox-ro~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ru\", rpm:\"mozilla-firefox-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sk\", rpm:\"mozilla-firefox-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sl\", rpm:\"mozilla-firefox-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sv_SE\", rpm:\"mozilla-firefox-sv_SE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-tr\", rpm:\"mozilla-firefox-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-uk\", rpm:\"mozilla-firefox-uk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_CN\", rpm:\"mozilla-firefox-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_TW\", rpm:\"mozilla-firefox-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem\", rpm:\"totem~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-common\", rpm:\"totem-common~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-gstreamer\", rpm:\"totem-gstreamer~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla\", rpm:\"totem-mozilla~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla-gstreamer\", rpm:\"totem-mozilla-gstreamer~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.18.0~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse\", rpm:\"eclipse~3.2.2~3.4.4mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-l10n\", rpm:\"mozilla-firefox-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0-devel\", rpm:\"lib64devhelp-1_0-devel~0.13~3.6mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox-devel\", rpm:\"lib64mozilla-firefox-devel~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox2.0.0.12\", rpm:\"lib64mozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser1\", rpm:\"lib64totem-plparser1~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser1-devel\", rpm:\"lib64totem-plparser1-devel~2.18.2~1.7mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"devhelp\", rpm:\"devhelp~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"devhelp-plugins\", rpm:\"devhelp-plugins~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-cvs-client\", rpm:\"eclipse-cvs-client~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-ecj\", rpm:\"eclipse-ecj~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-jdt\", rpm:\"eclipse-jdt~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde\", rpm:\"eclipse-pde~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-pde-runtime\", rpm:\"eclipse-pde-runtime~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-platform\", rpm:\"eclipse-platform~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse-rcp\", rpm:\"eclipse-rcp~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany\", rpm:\"epiphany~2.20.0~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"epiphany-devel\", rpm:\"epiphany-devel~2.20.0~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"galeon\", rpm:\"galeon~2.0.3~7.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-extras\", rpm:\"gnome-python-extras~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda\", rpm:\"gnome-python-gda~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gda-devel\", rpm:\"gnome-python-gda-devel~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gdl\", rpm:\"gnome-python-gdl~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gksu\", rpm:\"gnome-python-gksu~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkhtml2\", rpm:\"gnome-python-gtkhtml2~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkmozembed\", rpm:\"gnome-python-gtkmozembed~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnome-python-gtkspell\", rpm:\"gnome-python-gtkspell~2.19.1~4.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1-devel\", rpm:\"libdevhelp-1-devel~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libdevhelp-1_0\", rpm:\"libdevhelp-1_0~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox-devel\", rpm:\"libmozilla-firefox-devel~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libmozilla-firefox2.0.0.12\", rpm:\"libmozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libswt3-gtk2\", rpm:\"libswt3-gtk2~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser-devel\", rpm:\"libtotem-plparser-devel~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libtotem-plparser7\", rpm:\"libtotem-plparser7~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox\", rpm:\"mozilla-firefox~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-af\", rpm:\"mozilla-firefox-af~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ar\", rpm:\"mozilla-firefox-ar~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-be\", rpm:\"mozilla-firefox-be~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-bg\", rpm:\"mozilla-firefox-bg~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-br_FR\", rpm:\"mozilla-firefox-br_FR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ca\", rpm:\"mozilla-firefox-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-cs\", rpm:\"mozilla-firefox-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-da\", rpm:\"mozilla-firefox-da~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-de\", rpm:\"mozilla-firefox-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-el\", rpm:\"mozilla-firefox-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-en_GB\", rpm:\"mozilla-firefox-en_GB~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_AR\", rpm:\"mozilla-firefox-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-es_ES\", rpm:\"mozilla-firefox-es_ES~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-et_EE\", rpm:\"mozilla-firefox-et_EE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-eu\", rpm:\"mozilla-firefox-eu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-blogrovr\", rpm:\"mozilla-firefox-ext-blogrovr~1.1.771~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-foxmarks\", rpm:\"mozilla-firefox-ext-foxmarks~2.0.43~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ext-scribefire\", rpm:\"mozilla-firefox-ext-scribefire~1.4.2~4.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fi\", rpm:\"mozilla-firefox-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fr\", rpm:\"mozilla-firefox-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-fy\", rpm:\"mozilla-firefox-fy~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ga\", rpm:\"mozilla-firefox-ga~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gnome-support\", rpm:\"mozilla-firefox-gnome-support~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-gu_IN\", rpm:\"mozilla-firefox-gu_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-he\", rpm:\"mozilla-firefox-he~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-hu\", rpm:\"mozilla-firefox-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-it\", rpm:\"mozilla-firefox-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ja\", rpm:\"mozilla-firefox-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ka\", rpm:\"mozilla-firefox-ka~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ko\", rpm:\"mozilla-firefox-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ku\", rpm:\"mozilla-firefox-ku~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-lt\", rpm:\"mozilla-firefox-lt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mk\", rpm:\"mozilla-firefox-mk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-mn\", rpm:\"mozilla-firefox-mn~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nb_NO\", rpm:\"mozilla-firefox-nb_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nl\", rpm:\"mozilla-firefox-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-nn_NO\", rpm:\"mozilla-firefox-nn_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pa_IN\", rpm:\"mozilla-firefox-pa_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pl\", rpm:\"mozilla-firefox-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_BR\", rpm:\"mozilla-firefox-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-pt_PT\", rpm:\"mozilla-firefox-pt_PT~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ro\", rpm:\"mozilla-firefox-ro~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-ru\", rpm:\"mozilla-firefox-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sk\", rpm:\"mozilla-firefox-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sl\", rpm:\"mozilla-firefox-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-sv_SE\", rpm:\"mozilla-firefox-sv_SE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-tr\", rpm:\"mozilla-firefox-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-uk\", rpm:\"mozilla-firefox-uk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_CN\", rpm:\"mozilla-firefox-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-zh_TW\", rpm:\"mozilla-firefox-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem\", rpm:\"totem~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-common\", rpm:\"totem-common~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-gstreamer\", rpm:\"totem-gstreamer~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla\", rpm:\"totem-mozilla~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"totem-mozilla-gstreamer\", rpm:\"totem-mozilla-gstreamer~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"yelp\", rpm:\"yelp~2.20.0~3.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"eclipse\", rpm:\"eclipse~3.3.0~0.20.8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-firefox-l10n\", rpm:\"mozilla-firefox-l10n~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1-devel\", rpm:\"lib64devhelp-1-devel~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64devhelp-1_0\", rpm:\"lib64devhelp-1_0~0.16~1.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox-devel\", rpm:\"lib64mozilla-firefox-devel~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64mozilla-firefox2.0.0.12\", rpm:\"lib64mozilla-firefox2.0.0.12~2.0.0.12~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser-devel\", rpm:\"lib64totem-plparser-devel~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64totem-plparser7\", rpm:\"lib64totem-plparser7~2.20.1~1.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:35", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880203", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880203", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014671.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880203\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:37", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for firefox RHSA-2008:0103-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870023", "href": "http://plugins.openvas.org/nasl.php?oid=870023", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2008:0103-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00001.html\");\n script_id(870023);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0103-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for firefox RHSA-2008:0103-01\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~1.5.0.12~0.10.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:44", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for seamonkey RHSA-2008:0104-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870039", "href": "http://plugins.openvas.org/nasl.php?oid=870039", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for seamonkey RHSA-2008:0104-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on Red Hat Enterprise Linux AS (Advanced Server) version 2.1,\n Red Hat Enterprise Linux ES version 2.1,\n Red Hat Enterprise Linux WS version 2.1,\n Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3,\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00002.html\");\n script_id(870039);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0104-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for seamonkey RHSA-2008:0104-01\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_2.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el2\", rls:\"RHENT_2.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~9.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:40", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880164", "href": "http://plugins.openvas.org/nasl.php?oid=880164", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014678.html\");\n script_id(880164);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos3 x86_64\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:52", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880036", "href": "http://plugins.openvas.org/nasl.php?oid=880036", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014661.html\");\n script_id(880036);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos3 i386\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:56", "description": "Check for the Version of seamonkey", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880054", "href": "http://plugins.openvas.org/nasl.php?oid=880054", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SeaMonkey is an open source Web browser, advanced email and newsgroup\n client, IRC chat client, and HTML editor.\n\n Several flaws were found in the way SeaMonkey processed certain malformed\n web content. A webpage containing malicious content could cause SeaMonkey\n to crash, or potentially execute arbitrary code as the user running\n SeaMonkey. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way SeaMonkey displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way SeaMonkey stored password data. If a user\n saves login information for a malicious website, it could be possible\n to corrupt the password database, preventing the user from properly\n accessing saved password data. (CVE-2008-0417)\n \n A flaw was found in the way SeaMonkey handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious website\n to steal sensitive session data. Note: this flaw does not affect a default\n installation of SeaMonkey. (CVE-2008-0418)\n \n A flaw was found in the way SeaMonkey saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n SeaMonkey will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592)\n \n Users of SeaMonkey are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"seamonkey on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014662.html\");\n script_id(880054);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0104\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for seamonkey CESA-2008:0104 centos3 x86_64\");\n\n script_summary(\"Check for the Version of seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-chat\", rpm:\"seamonkey-chat~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-devel\", rpm:\"seamonkey-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-js-debugger\", rpm:\"seamonkey-js-debugger~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-mail\", rpm:\"seamonkey-mail~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr\", rpm:\"seamonkey-nspr~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nspr-devel\", rpm:\"seamonkey-nspr-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss\", rpm:\"seamonkey-nss~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-nss-devel\", rpm:\"seamonkey-nss-devel~1.0.9~0.9.el3.centos3\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:44", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for firefox CESA-2008:0103 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880136", "href": "http://plugins.openvas.org/nasl.php?oid=880136", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for firefox CESA-2008:0103 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014670.html\");\n script_id(880136);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0103\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for firefox CESA-2008:0103 centos5 i386\");\n\n script_summary(\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:29", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for firefox RHSA-2008:0103-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870023", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870023", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2008:0103-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Firefox is an open source Web browser.\n\n Several flaws were found in the way Firefox processed certain malformed web\n content. A webpage containing malicious content could cause Firefox to\n crash, or potentially execute arbitrary code as the user running Firefox.\n (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0419)\n \n Several flaws were found in the way Firefox displayed malformed web\n content. A webpage containing specially-crafted content could trick a user\n into surrendering sensitive information. (CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Firefox stored password data. If a user saves\n login information for a malicious website, it could be possible to corrupt\n the password database, preventing the user from properly accessing saved\n password data. (CVE-2008-0417)\n \n A flaw was found in the way Firefox handles certain chrome URLs. If a user\n has certain extensions installed, it could allow a malicious website to\n steal sensitive session data. Note: this flaw does not affect a default\n installation of Firefox. (CVE-2008-0418)\n \n A flaw was found in the way Firefox saves certain text files. If a\n website offers a file of type "plain/text", rather than "text/plain",\n Firefox will not show future "text/plain" content to the user in the\n browser, forcing them to save those files locally to view the content.\n (CVE-2008-0592) \n \n Users of firefox are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\ntag_affected = \"firefox on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4,\n Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00001.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870023\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0103-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for firefox RHSA-2008:0103-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~0.10.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~1.5.0.12~0.10.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:21", "description": "Oracle Linux Local Security Checks ELSA-2008-0103", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0416", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122612", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122612", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0103.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122612\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:49:16 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0103\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0103 - Critical: firefox security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0103\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0103.html\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0416\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~1.5.0.12~9.el5.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"firefox-devel\", rpm:\"firefox-devel~1.5.0.12~9.el5.0.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:56:35", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880270", "href": "http://plugins.openvas.org/nasl.php?oid=880270", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014666.html\");\n script_id(880270);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:43", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880228", "href": "http://plugins.openvas.org/nasl.php?oid=880228", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014665.html\");\n script_id(880228);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos4 i386\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:11", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2008:0105-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870047", "href": "http://plugins.openvas.org/nasl.php?oid=870047", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2008:0105-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00003.html\");\n script_id(870047);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0105-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for thunderbird RHSA-2008:0105-01\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:46", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880271", "href": "http://plugins.openvas.org/nasl.php?oid=880271", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014672.html\");\n script_id(880271);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:03", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880270", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880270", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014666.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880270\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:00", "description": "Check for the Version of ruby-gnome2", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for ruby-gnome2 FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2007-6183", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860269", "href": "http://plugins.openvas.org/nasl.php?oid=860269", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ruby-gnome2 FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"ruby-gnome2 on Fedora 8\";\ntag_insight = \"This is a set of bindings for the GNOME-2.x libraries for use from Ruby.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00388.html\");\n script_id(860269);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2007-6183\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for ruby-gnome2 FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of ruby-gnome2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby-gnome2\", rpm:\"ruby-gnome2~0.16.0~20.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:26", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880228", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880228", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014665.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880228\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:33", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880271", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880271", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-February/014672.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880271\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:36:45 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0105\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"CentOS Update for thunderbird CESA-2008:0105 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:05", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2008:0105-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870047", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870047", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2008:0105-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0591,\n CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592) \n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00003.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870047\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0105-01\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for thunderbird RHSA-2008:0105-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:25", "description": "Check for the Version of liferea", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for liferea FEDORA-2008-1535", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2007-5751", "CVE-2006-4791", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860467", "href": "http://plugins.openvas.org/nasl.php?oid=860467", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for liferea FEDORA-2008-1535\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"liferea on Fedora 8\";\ntag_insight = \"Liferea (Linux Feed Reader) is an RSS/RDF feed reader.\n It's intended to be a clone of the Windows-only FeedReader.\n It can be used to maintain a list of subscribed feeds,\n browse through their items, and show their contents.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00386.html\");\n script_id(860467);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1535\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2006-4791\", \"CVE-2007-5751\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for liferea FEDORA-2008-1535\");\n\n script_summary(\"Check for the Version of liferea\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"liferea\", rpm:\"liferea~1.4.11~2.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:58", "description": "Check for the Version of liferea", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for liferea FEDORA-2008-1435", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0417", "CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0594", "CVE-2007-5751", "CVE-2006-4791", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0592", "CVE-2008-0414", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860212", "href": "http://plugins.openvas.org/nasl.php?oid=860212", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for liferea FEDORA-2008-1435\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"liferea on Fedora 7\";\ntag_insight = \"Liferea (Linux Feed Reader) is an RSS/RDF feed reader.\n It's intended to be a clone of the Windows-only FeedReader.\n It can be used to maintain a list of subscribed feeds,\n browse through their items, and show their contents.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00281.html\");\n script_id(860212);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 14:16:57 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-1435\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0417\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2006-4791\", \"CVE-2007-5751\", \"CVE-2008-0414\", \"CVE-2008-0594\");\n script_name( \"Fedora Update for liferea FEDORA-2008-1435\");\n\n script_summary(\"Check for the Version of liferea\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"liferea\", rpm:\"liferea~1.4.9~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:18", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2008:0105-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870044", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2008:0105-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n A heap-based buffer overflow flaw was found in the way Thunderbird\n processed messages with external-body Multipurpose Internet Message\n Extensions (MIME) types. A HTML mail message containing malicious content\n could cause Thunderbird to execute arbitrary code as the user running\n Thunderbird. (CVE-2008-0304)\n \n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0420,\n CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592)\n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00020.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870044\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0105-02\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for thunderbird RHSA-2008:0105-02\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:04", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2008-2060", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860797", "href": "http://plugins.openvas.org/nasl.php?oid=860797", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2008-2060\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird on Fedora 8\";\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.html\");\n script_id(860797);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 16:22:52 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-2060\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0304\", \"CVE-2008-0420\");\n script_name( \"Fedora Update for thunderbird FEDORA-2008-2060\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~2.0.0.12~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:21", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2008-2118", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860417", "href": "http://plugins.openvas.org/nasl.php?oid=860417", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2008-2118\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird on Fedora 7\";\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.html\");\n script_id(860417);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-16 16:22:52 +0100 (Mon, 16 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-2118\");\n script_cve_id(\"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0419\", \"CVE-2008-0591\", \"CVE-2008-0593\", \"CVE-2008-0418\", \"CVE-2008-0592\", \"CVE-2008-0420\", \"CVE-2008-0304\");\n script_name( \"Fedora Update for thunderbird FEDORA-2008-2118\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~2.0.0.12~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:16", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2008:0105-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0419", "CVE-2008-0593", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0592", "CVE-2008-0420", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870044", "href": "http://plugins.openvas.org/nasl.php?oid=870044", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2008:0105-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n A heap-based buffer overflow flaw was found in the way Thunderbird\n processed messages with external-body Multipurpose Internet Message\n Extensions (MIME) types. A HTML mail message containing malicious content\n could cause Thunderbird to execute arbitrary code as the user running\n Thunderbird. (CVE-2008-0304)\n \n Several flaws were found in the way Thunderbird processed certain malformed\n HTML mail content. A HTML mail message containing malicious content could\n cause Thunderbird to crash, or potentially execute arbitrary code as the\n user running Thunderbird. (CVE-2008-0412, CVE-2008-0413, CVE-2008-0415,\n CVE-2008-0419)\n \n Several flaws were found in the way Thunderbird displayed malformed HTML\n mail content. A HTML mail message containing specially-crafted content\n could trick a user into surrendering sensitive information. (CVE-2008-0420,\n CVE-2008-0591, CVE-2008-0593)\n \n A flaw was found in the way Thunderbird handles certain chrome URLs. If a\n user has certain extensions installed, it could allow a malicious HTML mail\n message to steal sensitive session data. Note: this flaw does not affect a\n default installation of Thunderbird. (CVE-2008-0418)\n \n Note: JavaScript support is disabled by default in Thunderbird; the above\n issues are not exploitable unless JavaScript is enabled.\n \n A flaw was found in the way Thunderbird saves certain text files. If a\n remote site offers a file of type "plain/text", rather than "text/plain",\n Thunderbird will not show future "text/plain" content to the user, forcing\n them to save those files locally to view the content. (CVE-2008-0592)\n \n Users of thunderbird are advised to upgrade to these updated packages,\n which contain backported patches to resolve these issues.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-February/msg00020.html\");\n script_id(870044);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0105-02\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0419\", \"CVE-2008-0420\", \"CVE-2008-0591\", \"CVE-2008-0592\", \"CVE-2008-0593\");\n script_name( \"RedHat Update for thunderbird RHSA-2008:0105-02\");\n\n script_summary(\"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~1.5.0.12~8.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:58", "description": "Check for the Version of mozilla-thunderbird", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830675", "href": "http://plugins.openvas.org/nasl.php?oid=830675", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Thunderbird program, version 2.0.0.12.\n\n This update provides the latest Thunderbird to correct these issues.\";\n\ntag_affected = \"mozilla-thunderbird on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-03/msg00007.php\");\n script_id(830675);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:062\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0591\");\n script_name( \"Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)\");\n\n script_summary(\"Check for the Version of mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-l10n\", rpm:\"mozilla-thunderbird-enigmail-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-moztraybiff\", rpm:\"mozilla-thunderbird-moztraybiff~1.2.3~4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-l10n\", rpm:\"mozilla-thunderbird-enigmail-l10n~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:01", "description": "Check for the Version of mozilla-thunderbird", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-0412", "CVE-2008-0413", "CVE-2008-0418", "CVE-2008-0304", "CVE-2008-0415", "CVE-2008-0591"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830675", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830675", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of security vulnerabilities have been discovered and corrected\n in the latest Mozilla Thunderbird program, version 2.0.0.12.\n\n This update provides the latest Thunderbird to correct these issues.\";\n\ntag_affected = \"mozilla-thunderbird on Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64,\n Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-03/msg00007.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830675\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:062\");\n script_cve_id(\"CVE-2008-0304\", \"CVE-2008-0412\", \"CVE-2008-0413\", \"CVE-2008-0415\", \"CVE-2008-0418\", \"CVE-2008-0591\");\n script_name( \"Mandriva Update for mozilla-thunderbird MDVSA-2008:062 (mozilla-thunderbird)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~2.0.0.12~3mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-l10n\", rpm:\"mozilla-thunderbird-enigmail-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~2.0.0.12~1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-devel\", rpm:\"mozilla-thunderbird-devel~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~2.0.0.12~3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es_AR\", rpm:\"mozilla-thunderbird-enigmail-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ro\", rpm:\"mozilla-thunderbird-enigmail-ro~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sk\", rpm:\"mozilla-thunderbird-enigmail-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gu_IN\", rpm:\"mozilla-thunderbird-gu_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-mk\", rpm:\"mozilla-thunderbird-mk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-moztraybiff\", rpm:\"mozilla-thunderbird-moztraybiff~1.2.3~4mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~2.0.0.12~1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n sec

Debian Security Advisory DSA 1485-2 (icedove)

Description

Related