Lucene search
Debian Security Advisory DSA 1558-1 (xulrunner)
๐๏ธย 30 Apr 2008ย 00:00:00Reported byย Copyright (c) 2008 E-Soft Inc. http://www.securityspace.comTypeย 
ย openvas๐ย plugins.openvas.org๐ย 21ย Views
Update for xulrunner in Debian Security Advisory DSA 1558-1 to fix potential code execution vulnerabilit
Show more
| Reporter | Title | Published | Views | Family All 199 |
|---|---|---|---|---|
 | seamonkey security update | 17 Apr 200800:00 | โ | oraclelinux |
| firefox security update | 17 Apr 200800:00 | โ | oraclelinux |
| thunderbird security update | 30 Apr 200800:00 | โ | oraclelinux |
| Fedora Update for epiphany-extensions FEDORA-2008-3283 | 17 Feb 200900:00 | โ | openvas |
| Fedora Update for Miro FEDORA-2008-3283 | 17 Feb 200900:00 | โ | openvas |
| Fedora Update for openvrml FEDORA-2008-3283 | 17 Feb 200900:00 | โ | openvas |
| CentOS Update for seamonkey CESA-2008:0223 centos4 i386 | 27 Feb 200900:00 | โ | openvas |
| Slackware Advisory SSA:2008-108-01 mozilla-firefox | 11 Sep 201200:00 | โ | openvas |
| CentOS Update for seamonkey CESA-2008:0223 centos3 i386 | 27 Feb 200900:00 | โ | openvas |
| Fedora Update for gtkmozembedmm FEDORA-2008-3283 | 17 Feb 200900:00 | โ | openvas |
10
# OpenVAS Vulnerability Test
# $Id: deb_1558_1.nasl 6616 2017-07-07 12:10:49Z cfischer $
# Description: Auto-generated from advisory DSA 1558-1 (xulrunner)
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "It was discovered that crashes in the Javascript engine of xulrunner,
the Gecko engine library, could potentially lead to the execution of
arbitrary code.
For the stable distribution (etch), this problem has been fixed in
version 1.8.0.15~pre080323b-0etch2.
For the unstable distribution (sid), this problem has been fixed in
version 1.8.1.14-1.
We recommend that you upgrade your xulrunner packages.";
tag_summary = "The remote host is missing an update to xulrunner
announced via advisory DSA 1558-1.";
tag_solution = "https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201558-1";
if(description)
{
script_id(60863);
script_version("$Revision: 6616 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $");
script_tag(name:"creation_date", value:"2008-04-30 19:28:13 +0200 (Wed, 30 Apr 2008)");
script_cve_id("CVE-2008-1380");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_name("Debian Security Advisory DSA 1558-1 (xulrunner)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages");
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-deb.inc");
res = "";
report = "";
if ((res = isdpkgvuln(pkg:"libnss3-dev", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libmozjs-dev", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libsmjs1", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libnspr4-dev", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libxul-common", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libsmjs-dev", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libmozillainterfaces-java", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libxul-dev", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libnspr4-0d", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libnss3-0d", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libmozjs0d-dbg", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libmozjs0d", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libnspr4-0d-dbg", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libnss3-0d-dbg", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libxul0d", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"python-xpcom", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"spidermonkey-bin", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libnss3-tools", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"libxul0d-dbg", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"xulrunner-gnome-support", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if ((res = isdpkgvuln(pkg:"xulrunner", ver:"1.8.0.15~pre080323b-0etch2", rls:"DEB4.0")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo30 Apr 2008 00:00Current
0.9Low risk
Vulners AI Score0.9
EPSS0.19141