Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2008 Greenbone Networks GmbHOPENVAS:800089
HistoryDec 23, 2008 - 12:00 a.m.

Mozilla Firefox Multiple Vulnerabilities December-08 (Linux)

2008-12-2300:00:00
Copyright (C) 2008 Greenbone Networks GmbH
plugins.openvas.org
22

0.052 Low

EPSS

Percentile

93.1%

JSON

The host is installed with Mozilla Firefox browser and is prone
to multiple vulnerabilities.

Vulnerability:
Refer to the reference links for more information on the vulnerabilities.

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_firefox_mult_vuln_dec08_lin.nasl 6539 2017-07-05 12:02:14Z cfischer $
#
# Mozilla Firefox Multiple Vulnerabilities December-08 (Linux)
#
# Authors:
# Chandan S <[email protected]>
#
# Copyright:
# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_summary = "The host is installed with Mozilla Firefox browser and is prone
  to multiple vulnerabilities.

  Vulnerability:
  Refer to the reference links for more information on the vulnerabilities.";

tag_impact = "Successful exploitation could result in remote arbitrary code execution,
  bypass security restrictions, sensitive information disclosure, cross
  site scripting attacks and execute JavaScript code with chrome privileges.
  Impact Level: System";
tag_affected = "Firefox version prior to 2.0.0.19 and 3.x to 3.0.4 on Linux.";
tag_solution = "Upgrade to Firefox version 2.0.0.19 or 3.0.5
  http://www.mozilla.com/en-US/firefox/all.html";

if(description)
{
  script_id(800089);
  script_version("$Revision: 6539 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-05 14:02:14 +0200 (Wed, 05 Jul 2017) $");
  script_tag(name:"creation_date", value:"2008-12-23 15:23:02 +0100 (Tue, 23 Dec 2008)");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_cve_id("CVE-2008-5500", "CVE-2008-5501", "CVE-2008-5502", "CVE-2008-5503",
                "CVE-2008-5504", "CVE-2008-5505", "CVE-2008-5506", "CVE-2008-5507",
                "CVE-2008-5508", "CVE-2008-5510", "CVE-2008-5511", "CVE-2008-5512",
                "CVE-2008-5513");
  script_bugtraq_id(32882);
  script_name("Mozilla Firefox Multiple Vulnerabilities December-08 (Linux)");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2008/mfsa2008-60.html");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2008/mfsa2008-61.html");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2008/mfsa2008-62.html");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2008/mfsa2008-63.html");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2008/mfsa2008-64.html");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2008/mfsa2008-65.html");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2008/mfsa2008-66.html");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2008/mfsa2008-67.html");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2008/mfsa2008-68.html");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2008/mfsa2008-69.html");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2008 Greenbone Networks GmbH");
  script_family("General");
  script_dependencies("gb_firefox_detect_lin.nasl");
  script_mandatory_keys("Firefox/Linux/Ver");
  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name:"qod_type", value:"executable_version");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("version_func.inc");

ffVer = get_kb_item("Firefox/Linux/Ver");
if(!ffVer){
  exit(0);
}

# Grep for firefox version < 2.0.0.19
if(version_is_less(version:ffVer, test_version:"2.0.0.19")){
  security_message(0);
  exit(0);
}

# Grep for firefox version 3.x to 3.0.4
if(version_in_range(version:ffVer, test_version:"3.0", test_version2:"3.0.4")){
  security_message(0);
}

Related

nessus 23
openvas 119
freebsd 1
centos 4
ubuntu 1
fedora 43
suse 2
securityvulns 1
redhat 3
oraclelinux 2
nessus
nessus
Ubuntu 7.10 : firefox vulnerabilities (USN-690-2)
2009-04-23 00:00:00
FreeBSD : mozilla -- multiple vulnerabilities (29f5bfc5-ce04-11dd-a721-0030843d3802)
2008-12-21 00:00:00
Oracle Linux 4 / 5 : firefox (ELSA-2008-1036)
2013-07-12 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2008-12-23 00:00:00
SUSE: Security Advisory for MozillaFirefox, MozillaThunderbird, mozilla (SUSE-SA:2009:002)
2009-01-20 00:00:00
SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:058
2009-01-23 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-12-17 00:00:00
centos
centos
seamonkey security update
2008-12-17 15:28:51
firefox, nspr, nss, seamonkey, xulrunner security update
2008-12-21 23:29:01
seamonkey security update
2008-12-22 02:56:59
ubuntu
ubuntu
Firefox and xulrunner vulnerabilities
2008-12-17 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: epiphany-extensions-2.24.0-3.fc10
2008-12-21 08:30:35
[SECURITY] Fedora 10 Update: evolution-rss-0.1.2-3.fc10
2008-12-21 08:30:35
[SECURITY] Fedora 10 Update: gnome-python2-extras-2.19.1-25.fc10
2008-12-21 08:30:35
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,mozilla
2009-01-14 11:55:45
remote code execution in MozillaFirefox,seamonkey
2008-12-19 13:50:24
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple seucrity vulnerabilities
2008-12-19 00:00:00
redhat
redhat
(RHSA-2009:0002) Moderate: thunderbird security update
2009-01-07 00:00:00
(RHSA-2008:1037) Critical: seamonkey security update
2008-12-16 00:00:00
(RHSA-2008:1036) Critical: firefox security update
2008-12-16 00:00:00
oraclelinux
oraclelinux
seamonkey security update
2008-12-17 00:00:00
firefox security update
2008-12-17 00:00:00

0.052 Low

EPSS

Percentile

93.1%

JSON
Related for OPENVAS:800089
nessus23openvas119freebsd1centos4ubuntu1fedora43suse2securityvulns1redhat3oraclelinux2