Mozilla Firefox Code Execution Vulnerability (Windows) - May10
2010-05-04T00:00:00
ID OPENVAS:801326 Type openvas Reporter Copyright (c) 2010 Greenbone Networks GmbH Modified 2017-02-16T00:00:00
Description
The host is installed with Mozilla Firefox browser and is prone
to code execution vulnerability
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_firefox_code_exe_vuln_win_may10.nasl 5306 2017-02-16 09:00:16Z teissa $
#
# Mozilla Firefox Code Execution Vulnerability (Windows) - May10
#
# Authors:
# Antu Sanadi <santu@secpod.com>
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
tag_impact = "Successful exploitation will let attackers to execute arbitrary JavaScript
with chrome privileges via a javascript: URI in input to an extension.
Impact Level: Application";
tag_affected = "Firefox version prior to 3.6 on Windows";
tag_insight = "The flaw is due to error in 'nsIScriptableUnescapeHTML.parseFragment'
method which does not properly sanitize 'HREF' attribute of an 'A' element
or the 'ACTION' attribute of a 'FORM' element.";
tag_solution = "Upgrade to Firefox version prior to 3.6.3 or later,
For updates refer tohttp://www.mozilla.com/en-US/";
tag_summary = "The host is installed with Mozilla Firefox browser and is prone
to code execution vulnerability";
if(description)
{
script_id(801326);
script_version("$Revision: 5306 $");
script_tag(name:"last_modification", value:"$Date: 2017-02-16 10:00:16 +0100 (Thu, 16 Feb 2017) $");
script_tag(name:"creation_date", value:"2010-05-04 09:40:09 +0200 (Tue, 04 May 2010)");
script_cve_id("CVE-2010-1585");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_name("Mozilla Firefox Code Execution Vulnerability (Windows) - May10");
script_xref(name : "URL" , value : "http://www.securityfocus.com/archive/1/archive/1/510883/100/0/threaded");
script_xref(name : "URL" , value : "http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/");
script_xref(name : "URL" , value : "http://www.security-assessment.com/files/whitepapers/Cross_Context_Scripting_with_Firefox.pdf");
script_tag(name:"qod_type", value:"executable_version");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
script_family("General");
script_dependencies("gb_firefox_detect_win.nasl");
script_require_keys("Firefox/Win/Ver");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
exit(0);
}
include("version_func.inc");
ffVer = get_kb_item("Firefox/Win/Ver");
if(!ffVer){
exit(0);
}
if(version_is_less_equal(version:ffVer, test_version:"3.6")){
security_message(0);
}
{"id": "OPENVAS:801326", "type": "openvas", "bulletinFamily": "scanner", "title": "Mozilla Firefox Code Execution Vulnerability (Windows) - May10", "description": "The host is installed with Mozilla Firefox browser and is prone\n to code execution vulnerability", "published": "2010-05-04T00:00:00", "modified": "2017-02-16T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=801326", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["http://www.securityfocus.com/archive/1/archive/1/510883/100/0/threaded", "http://www.security-assessment.com/files/whitepapers/Cross_Context_Scripting_with_Firefox.pdf", "http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/"], "cvelist": ["CVE-2010-1585"], "lastseen": "2017-07-02T21:09:59", "viewCount": 0, "enchantments": {"score": {"value": 8.8, "vector": "NONE", "modified": "2017-07-02T21:09:59", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-1585"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231069324", "OPENVAS:840596", "OPENVAS:1361412562310122232", "OPENVAS:136141256231069115", "OPENVAS:1361412562310870643", "OPENVAS:1361412562310840596", "OPENVAS:1361412562310831346", "OPENVAS:870643", "OPENVAS:1361412562310801326", "OPENVAS:831346"]}, {"type": "seebug", "idList": ["SSV:20355"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25844", "SECURITYVULNS:VULN:11477"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2011-0374.NASL", "MANDRIVA_MDVSA-2011-042.NASL", "DEBIAN_DSA-2187.NASL", "SL_20110301_THUNDERBIRD_ON_SL6_X.NASL", "MOZILLA_THUNDERBIRD_318.NASL", "REDHAT-RHSA-2011-0374.NASL", "ORACLELINUX_ELSA-2011-0311.NASL", "UBUNTU_USN-1050-1.NASL", "ORACLELINUX_ELSA-2011-0374.NASL", "REDHAT-RHSA-2011-0311.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0310", "ELSA-2011-0311"]}, {"type": "redhat", "idList": ["RHSA-2011:0310", "RHSA-2011:0311"]}, {"type": "ubuntu", "idList": ["USN-1049-2", "USN-1050-1", "USN-1049-1", "USN-1123-1"]}, {"type": "debian", "idList": ["DEBIAN:BSA-027:63E51", "DEBIAN:DSA-2180-1:ECE4D", "DEBIAN:DSA-2187-1:21087", "DEBIAN:DSA-2186-1:C8DEB"]}, {"type": "freebsd", "idList": ["45F102CD-4456-11E0-9580-4061862B8C22"]}, {"type": "centos", "idList": ["CESA-2011:0310"]}, {"type": "suse", "idList": ["SUSE-SA:2011:013", "OPENSUSE-SU-2014:1100-1"]}, {"type": "gentoo", "idList": ["GLSA-201301-01"]}], "modified": "2017-07-02T21:09:59", "rev": 2}, "vulnersScore": 8.8}, "pluginID": "801326", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_firefox_code_exe_vuln_win_may10.nasl 5306 2017-02-16 09:00:16Z teissa $\n#\n# Mozilla Firefox Code Execution Vulnerability (Windows) - May10\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let attackers to execute arbitrary JavaScript\n with chrome privileges via a javascript: URI in input to an extension.\n Impact Level: Application\";\ntag_affected = \"Firefox version prior to 3.6 on Windows\";\ntag_insight = \"The flaw is due to error in 'nsIScriptableUnescapeHTML.parseFragment'\n method which does not properly sanitize 'HREF' attribute of an 'A' element\n or the 'ACTION' attribute of a 'FORM' element.\";\ntag_solution = \"Upgrade to Firefox version prior to 3.6.3 or later,\n For updates refer tohttp://www.mozilla.com/en-US/\";\ntag_summary = \"The host is installed with Mozilla Firefox browser and is prone\n to code execution vulnerability\";\n\nif(description)\n{\n script_id(801326);\n script_version(\"$Revision: 5306 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-16 10:00:16 +0100 (Thu, 16 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-04 09:40:09 +0200 (Tue, 04 May 2010)\");\n script_cve_id(\"CVE-2010-1585\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mozilla Firefox Code Execution Vulnerability (Windows) - May10\");\n script_xref(name : \"URL\" , value : \"http://www.securityfocus.com/archive/1/archive/1/510883/100/0/threaded\");\n script_xref(name : \"URL\" , value : \"http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/\");\n script_xref(name : \"URL\" , value : \"http://www.security-assessment.com/files/whitepapers/Cross_Context_Scripting_with_Firefox.pdf\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\");\n script_require_keys(\"Firefox/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(!ffVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:ffVer, test_version:\"3.6\")){\n security_message(0);\n}\n", "naslFamily": "General"}
{"cve": [{"lastseen": "2020-12-09T19:34:38", "description": "The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element.", "edition": 5, "cvss3": {}, "published": "2010-04-28T22:30:00", "title": "CVE-2010-1585", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1585"], "modified": "2018-10-10T19:57:00", "cpe": ["cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:firefox:3.5.16", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:seamonkey:1.1.13"], "id": "CVE-2010-1585", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1585", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.23:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.15:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.22:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.21:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.5.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.5.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:thunderbird:3.1.3:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-04-27T19:23:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1585"], "description": "The host is installed with Mozilla Firefox browser and is prone\n to code execution vulnerability", "modified": "2020-04-23T00:00:00", "published": "2010-05-04T00:00:00", "id": "OPENVAS:1361412562310801326", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310801326", "type": "openvas", "title": "Mozilla Firefox Code Execution Vulnerability (Windows) - May10", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox Code Execution Vulnerability (Windows) - May10\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.801326\");\n script_version(\"2020-04-23T12:22:09+0000\");\n script_tag(name:\"last_modification\", value:\"2020-04-23 12:22:09 +0000 (Thu, 23 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2010-05-04 09:40:09 +0200 (Tue, 04 May 2010)\");\n script_cve_id(\"CVE-2010-1585\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mozilla Firefox Code Execution Vulnerability (Windows) - May10\");\n script_xref(name:\"URL\", value:\"http://www.securityfocus.com/archive/1/archive/1/510883/100/0/threaded\");\n script_xref(name:\"URL\", value:\"http://wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/\");\n script_xref(name:\"URL\", value:\"http://www.security-assessment.com/files/whitepapers/Cross_Context_Scripting_with_Firefox.pdf\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2010 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let attackers to execute arbitrary JavaScript\n with chrome privileges via a javascript: URI in input to an extension.\");\n script_tag(name:\"affected\", value:\"Firefox version prior to 3.6 on Windows\");\n script_tag(name:\"insight\", value:\"The flaw is due to error in 'nsIScriptableUnescapeHTML.parseFragment'\n method which does not properly sanitize 'HREF' attribute of an 'A' element\n or the 'ACTION' attribute of a 'FORM' element.\");\n script_tag(name:\"solution\", value:\"Upgrade to Firefox version prior to 3.6.3 or later.\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox browser and is prone\n to code execution vulnerability\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.com/en-US/\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox/Win/Ver\");\nif(!ffVer){\n exit(0);\n}\n\nif(version_is_less_equal(version:ffVer, test_version:\"3.6\")){\n report = report_fixed_ver(installed_version:ffVer, vulnerable_range:\"Less than or equal to 3.6\");\n security_message(port: 0, data: report);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1050-1", "modified": "2017-12-01T00:00:00", "published": "2011-03-07T00:00:00", "id": "OPENVAS:840596", "href": "http://plugins.openvas.org/nasl.php?oid=840596", "type": "openvas", "title": "Ubuntu Update for thunderbird vulnerabilities USN-1050-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1050_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for thunderbird vulnerabilities USN-1050-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry\n Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several\n memory issues in the browser engine. An attacker could exploit these to\n crash the browser or possibly run arbitrary code as the user invoking the\n program. (CVE-2011-0053, CVE-2011-0062)\n\n Roberto Suggi Liverani discovered a possible issue with unsafe JavaScript\n execution in chrome documents. A malicious extension could exploit this to\n execute arbitrary code with chrome privlieges. (CVE-2010-1585)\n \n Jordi Chancel discovered a buffer overlow in the JPEG decoding engine. An\n attacker could exploit this to crash the browser or possibly run arbitrary\n code as the user invoking the program. (CVE-2011-0061)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1050-1\";\ntag_affected = \"thunderbird vulnerabilities on Ubuntu 10.04 LTS ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1050-1/\");\n script_id(840596);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1050-1\");\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_name(\"Ubuntu Update for thunderbird vulnerabilities USN-1050-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support-dbg\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support-dbg\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:55:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "description": "Check for the Version of mozilla-thunderbird", "modified": "2017-07-06T00:00:00", "published": "2011-03-15T00:00:00", "id": "OPENVAS:831346", "href": "http://plugins.openvas.org/nasl.php?oid=831346", "type": "openvas", "title": "Mandriva Update for mozilla-thunderbird MDVSA-2011:042 (mozilla-thunderbird)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-thunderbird MDVSA-2011:042 (mozilla-thunderbird)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security issues were identified and fixed in mozilla-thunderbird:\n\n Multiple unspecified vulnerabilities in the browser engine in Mozilla\n Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before\n 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause\n a denial of service (memory corruption and application crash) or\n possibly execute arbitrary code via unknown vectors (CVE-2011-0053).\n \n Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird\n before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers\n to execute arbitrary code or cause a denial of service (application\n crash) via a crafted JPEG image (CVE-2011-0061).\n \n Multiple unspecified vulnerabilities in the browser engine in Mozilla\n Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow\n remote attackers to cause a denial of service (memory corruption and\n application crash) or possibly execute arbitrary code via unknown\n vectors (CVE-2011-0062).\n \n The nsIScriptableUnescapeHTML.parseFragment method in the\n ParanoidFragmentSink protection mechanism in Mozilla Firefox before\n 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey\n before 2.0.12 does not properly sanitize HTML in a chrome document,\n which makes it easier for remote attackers to execute arbitrary\n JavaScript with chrome privileges via a javascript: URI in input to\n an extension, as demonstrated by a javascript:alert sequence in (1)\n the HREF attribute of an A element or (2) the ACTION attribute of a\n FORM element (CVE-2010-1585).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n Additionally, some packages which require so, have been rebuilt and\n are being provided as updates.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"mozilla-thunderbird on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-03/msg00004.php\");\n script_id(831346);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2011:042\");\n script_cve_id(\"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\", \"CVE-2010-1585\");\n script_name(\"Mandriva Update for mozilla-thunderbird MDVSA-2011:042 (mozilla-thunderbird)\");\n\n script_summary(\"Check for the Version of mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-06-11T17:53:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1050-1", "modified": "2020-06-09T00:00:00", "published": "2011-03-07T00:00:00", "id": "OPENVAS:1361412562310840596", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840596", "type": "openvas", "title": "Ubuntu Update for thunderbird vulnerabilities USN-1050-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for thunderbird vulnerabilities USN-1050-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1050-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840596\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1050-1\");\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_name(\"Ubuntu Update for thunderbird vulnerabilities USN-1050-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1050-1\");\n script_tag(name:\"affected\", value:\"thunderbird vulnerabilities on Ubuntu 10.04 LTS,\n Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry\n Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several\n memory issues in the browser engine. An attacker could exploit these to\n crash the browser or possibly run arbitrary code as the user invoking the\n program. (CVE-2011-0053, CVE-2011-0062)\n\n Roberto Suggi Liverani discovered a possible issue with unsafe JavaScript\n execution in chrome documents. A malicious extension could exploit this to\n execute arbitrary code with chrome privlieges. (CVE-2010-1585)\n\n Jordi Chancel discovered a buffer overflow in the JPEG decoding engine. An\n attacker could exploit this to crash the browser or possibly run arbitrary\n code as the user invoking the program. (CVE-2011-0061)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support-dbg\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dbg\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-dev\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support-dbg\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird-gnome-support\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:56:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "description": "Check for the Version of thunderbird", "modified": "2017-12-28T00:00:00", "published": "2012-07-09T00:00:00", "id": "OPENVAS:870643", "href": "http://plugins.openvas.org/nasl.php?oid=870643", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2011:0311-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2011:0311-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the processing of malformed HTML content.\n Malicious HTML content could cause Thunderbird to crash or, potentially,\n execute arbitrary code with the privileges of the user running Thunderbird.\n (CVE-2010-1585, CVE-2011-0053, CVE-2011-0062)\n\n A flaw was found in the way Thunderbird handled malformed JPEG images. An\n HTML mail message containing a malicious JPEG image could cause\n Thunderbird to crash or, potentially, execute arbitrary code with the\n privileges of the user running Thunderbird. (CVE-2011-0061)\n\n All Thunderbird users should upgrade to this updated package, which\n resolves these issues. All running instances of Thunderbird must be\n restarted for the update to take effect.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-March/msg00007.html\");\n script_id(870643);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:38:51 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0311-01\");\n script_name(\"RedHat Update for thunderbird RHSA-2011:0311-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~3.1.8~4.el6_0\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~3.1.8~4.el6_0\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "description": "Oracle Linux Local Security Checks ELSA-2011-0311", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122232", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122232", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0311", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0311.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122232\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:08 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0311\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0311 - thunderbird security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0311\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0311.html\");\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~3.1.8~4.0.2.el6_0\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2011-03-15T00:00:00", "id": "OPENVAS:1361412562310831346", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831346", "type": "openvas", "title": "Mandriva Update for mozilla-thunderbird MDVSA-2011:042 (mozilla-thunderbird)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for mozilla-thunderbird MDVSA-2011:042 (mozilla-thunderbird)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-03/msg00004.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831346\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2011:042\");\n script_cve_id(\"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\", \"CVE-2010-1585\");\n script_name(\"Mandriva Update for mozilla-thunderbird MDVSA-2011:042 (mozilla-thunderbird)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mozilla-thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(2010\\.1|2010\\.0|2009\\.0)\");\n script_tag(name:\"affected\", value:\"mozilla-thunderbird on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64\");\n script_tag(name:\"insight\", value:\"Security issues were identified and fixed in mozilla-thunderbird:\n\n Multiple unspecified vulnerabilities in the browser engine in Mozilla\n Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before\n 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause\n a denial of service (memory corruption and application crash) or\n possibly execute arbitrary code via unknown vectors (CVE-2011-0053).\n\n Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird\n before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers\n to execute arbitrary code or cause a denial of service (application\n crash) via a crafted JPEG image (CVE-2011-0061).\n\n Multiple unspecified vulnerabilities in the browser engine in Mozilla\n Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow\n remote attackers to cause a denial of service (memory corruption and\n application crash) or possibly execute arbitrary code via unknown\n vectors (CVE-2011-0062).\n\n The nsIScriptableUnescapeHTML.parseFragment method in the\n ParanoidFragmentSink protection mechanism in Mozilla Firefox before\n 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey\n before 2.0.12 does not properly sanitize HTML in a chrome document,\n which makes it easier for remote attackers to execute arbitrary\n JavaScript with chrome privileges via a javascript: URI in input to\n an extension, as demonstrated by a javascript:alert sequence in (1)\n the HREF attribute of an A element or (2) the ACTION attribute of a\n FORM element (CVE-2010-1585).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Additionally, some packages which require so, have been rebuilt and\n are being provided as updates.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.9~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.9~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird\", rpm:\"mozilla-thunderbird~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-af\", rpm:\"mozilla-thunderbird-af~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ar\", rpm:\"mozilla-thunderbird-ar~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-be\", rpm:\"mozilla-thunderbird-be~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bg\", rpm:\"mozilla-thunderbird-bg~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-bn_BD\", rpm:\"mozilla-thunderbird-bn_BD~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ca\", rpm:\"mozilla-thunderbird-ca~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-cs\", rpm:\"mozilla-thunderbird-cs~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-da\", rpm:\"mozilla-thunderbird-da~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-de\", rpm:\"mozilla-thunderbird-de~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-el\", rpm:\"mozilla-thunderbird-el~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-en_GB\", rpm:\"mozilla-thunderbird-en_GB~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail\", rpm:\"mozilla-thunderbird-enigmail~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ar\", rpm:\"mozilla-thunderbird-enigmail-ar~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ca\", rpm:\"mozilla-thunderbird-enigmail-ca~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-cs\", rpm:\"mozilla-thunderbird-enigmail-cs~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-de\", rpm:\"mozilla-thunderbird-enigmail-de~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-el\", rpm:\"mozilla-thunderbird-enigmail-el~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-es\", rpm:\"mozilla-thunderbird-enigmail-es~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fi\", rpm:\"mozilla-thunderbird-enigmail-fi~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-fr\", rpm:\"mozilla-thunderbird-enigmail-fr~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-hu\", rpm:\"mozilla-thunderbird-enigmail-hu~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-it\", rpm:\"mozilla-thunderbird-enigmail-it~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ja\", rpm:\"mozilla-thunderbird-enigmail-ja~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ko\", rpm:\"mozilla-thunderbird-enigmail-ko~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nb\", rpm:\"mozilla-thunderbird-enigmail-nb~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-nl\", rpm:\"mozilla-thunderbird-enigmail-nl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pl\", rpm:\"mozilla-thunderbird-enigmail-pl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt\", rpm:\"mozilla-thunderbird-enigmail-pt~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-pt_BR\", rpm:\"mozilla-thunderbird-enigmail-pt_BR~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-ru\", rpm:\"mozilla-thunderbird-enigmail-ru~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sl\", rpm:\"mozilla-thunderbird-enigmail-sl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-sv\", rpm:\"mozilla-thunderbird-enigmail-sv~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-tr\", rpm:\"mozilla-thunderbird-enigmail-tr~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-vi\", rpm:\"mozilla-thunderbird-enigmail-vi~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_CN\", rpm:\"mozilla-thunderbird-enigmail-zh_CN~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-enigmail-zh_TW\", rpm:\"mozilla-thunderbird-enigmail-zh_TW~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_AR\", rpm:\"mozilla-thunderbird-es_AR~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-es_ES\", rpm:\"mozilla-thunderbird-es_ES~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et\", rpm:\"mozilla-thunderbird-et~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-et_EE\", rpm:\"mozilla-thunderbird-et_EE~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-eu\", rpm:\"mozilla-thunderbird-eu~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fi\", rpm:\"mozilla-thunderbird-fi~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fr\", rpm:\"mozilla-thunderbird-fr~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-fy\", rpm:\"mozilla-thunderbird-fy~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ga\", rpm:\"mozilla-thunderbird-ga~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gd\", rpm:\"mozilla-thunderbird-gd~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-gl\", rpm:\"mozilla-thunderbird-gl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-he\", rpm:\"mozilla-thunderbird-he~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-hu\", rpm:\"mozilla-thunderbird-hu~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-id\", rpm:\"mozilla-thunderbird-id~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-is\", rpm:\"mozilla-thunderbird-is~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-it\", rpm:\"mozilla-thunderbird-it~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ja\", rpm:\"mozilla-thunderbird-ja~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ka\", rpm:\"mozilla-thunderbird-ka~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ko\", rpm:\"mozilla-thunderbird-ko~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lightning\", rpm:\"mozilla-thunderbird-lightning~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-lt\", rpm:\"mozilla-thunderbird-lt~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nb_NO\", rpm:\"mozilla-thunderbird-nb_NO~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nl\", rpm:\"mozilla-thunderbird-nl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-nn_NO\", rpm:\"mozilla-thunderbird-nn_NO~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pa_IN\", rpm:\"mozilla-thunderbird-pa_IN~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pl\", rpm:\"mozilla-thunderbird-pl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_BR\", rpm:\"mozilla-thunderbird-pt_BR~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-pt_PT\", rpm:\"mozilla-thunderbird-pt_PT~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ro\", rpm:\"mozilla-thunderbird-ro~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-ru\", rpm:\"mozilla-thunderbird-ru~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-si\", rpm:\"mozilla-thunderbird-si~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sk\", rpm:\"mozilla-thunderbird-sk~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sl\", rpm:\"mozilla-thunderbird-sl~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sq\", rpm:\"mozilla-thunderbird-sq~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sr\", rpm:\"mozilla-thunderbird-sr~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-sv_SE\", rpm:\"mozilla-thunderbird-sv_SE~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-tr\", rpm:\"mozilla-thunderbird-tr~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-uk\", rpm:\"mozilla-thunderbird-uk~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-vi\", rpm:\"mozilla-thunderbird-vi~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_CN\", rpm:\"mozilla-thunderbird-zh_CN~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-zh_TW\", rpm:\"mozilla-thunderbird-zh_TW~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nsinstall\", rpm:\"nsinstall~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-thunderbird-l10n\", rpm:\"mozilla-thunderbird-l10n~3.1.9~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2012-07-09T00:00:00", "id": "OPENVAS:1361412562310870643", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870643", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2011:0311-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2011:0311-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-March/msg00007.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870643\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:38:51 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0311-01\");\n script_name(\"RedHat Update for thunderbird RHSA-2011:0311-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Several flaws were found in the processing of malformed HTML content.\n Malicious HTML content could cause Thunderbird to crash or, potentially,\n execute arbitrary code with the privileges of the user running Thunderbird.\n (CVE-2010-1585, CVE-2011-0053, CVE-2011-0062)\n\n A flaw was found in the way Thunderbird handled malformed JPEG images. An\n HTML mail message containing a malicious JPEG image could cause\n Thunderbird to crash or, potentially, execute arbitrary code with the\n privileges of the user running Thunderbird. (CVE-2011-0061)\n\n All Thunderbird users should upgrade to this updated package, which\n resolves these issues. All running instances of Thunderbird must be\n restarted for the update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~3.1.8~4.el6_0\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~3.1.8~4.el6_0\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0053", "CVE-2011-0056", "CVE-2010-0056", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0055"], "description": "The remote host is missing an update to iceape\nannounced via advisory DSA 2180-1.", "modified": "2019-03-18T00:00:00", "published": "2011-03-09T00:00:00", "id": "OPENVAS:136141256231069115", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069115", "type": "openvas", "title": "Debian Security Advisory DSA 2180-1 (iceape)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2180_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2180-1 (iceape)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69115\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-09 05:54:11 +0100 (Wed, 09 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0051\", \"CVE-2011-0053\", \"CVE-2011-0054\", \"CVE-2011-0055\", \"CVE-2011-0056\", \"CVE-2011-0057\", \"CVE-2011-0059\", \"CVE-2010-0056\");\n script_name(\"Debian Security Advisory DSA 2180-1 (iceape)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been found in the Iceape internet suite, an\nunbranded version of Seamonkey:\n\nCVE-2010-1585\n\nRoberto Suggi Liverani discovered that the sanitising performed by\nParanoidFragmentSink was incomplete.\n\nCVE-2011-0051\n\nZach Hoffmann discovered that incorrect parsing of recursive eval()\ncalls could lead to attackers forcing acceptance of a confirmation\ndialogue.\n\nCVE-2011-0053\n\nCrashes in the layout engine may lead to the execution of arbitrary\ncode.\n\nCVE-2011-0054\n\nChristian Holler discovered buffer overflows in the Javascript engine,\nwhich could allow the execution of arbitrary code.\n\nCVE-2010-0056\n\nChristian Holler discovered buffer overflows in the Javascript engine,\nwhich could allow the execution of arbitrary code.\n\nCVE-2011-0055\n\nregenrecht and Igor Bukanov discovered a use-after-free error in the\nJSON-Implementation, which could lead to the execution of arbitrary code.\n\nCVE-2011-0057\n\nDaniel Kozlowski discovered that incorrect memory handling the web workers\nimplementation could lead to the execution of arbitrary code.\n\nCVE-2011-0059\n\nPeleus Uhley discovered a cross-site request forgery risk in the plugin\ncode.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to iceape\nannounced via advisory DSA 2180-1.\");\n script_tag(name:\"solution\", value:\"The oldstable distribution (lenny) is not affected. The iceape package only\nprovides the XPCOM code.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.0.11-3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.0.12-1.\n\nWe recommend that you upgrade your iceape packages.\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202180-1\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"iceape\", ver:\"2.0.11-3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceape-browser\", ver:\"2.0.11-3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceape-chatzilla\", ver:\"2.0.11-3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceape-dbg\", ver:\"2.0.11-3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceape-dev\", ver:\"2.0.11-3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"iceape-mailnews\", ver:\"2.0.11-3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0053", "CVE-2011-0056", "CVE-2010-0056", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0055"], "description": "The remote host is missing an update to icedove\nannounced via advisory DSA 2187-1.", "modified": "2019-03-18T00:00:00", "published": "2011-05-12T00:00:00", "id": "OPENVAS:136141256231069324", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069324", "type": "openvas", "title": "Debian Security Advisory DSA 2187-1 (icedove)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2187_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2187-1 (icedove)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69324\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-12 19:21:50 +0200 (Thu, 12 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0051\", \"CVE-2011-0053\", \"CVE-2011-0054\", \"CVE-2011-0055\", \"CVE-2011-0056\", \"CVE-2011-0057\", \"CVE-2011-0059\", \"CVE-2010-0056\");\n script_name(\"Debian Security Advisory DSA 2187-1 (icedove)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202187-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in Icedove, an unbranded\nversion of the Thunderbird mail/news client.\n\nCVE-2010-1585\n\nRoberto Suggi Liverani discovered that the sanitising performed by\nParanoidFragmentSink was incomplete.\n\nCVE-2011-0053\n\nCrashes in the layout engine may lead to the execution of arbitrary\ncode.\n\nCVE-2011-0051\n\nZach Hoffmann discovered that incorrect parsing of recursive eval()\ncalls could lead to attackers forcing acceptance of a confirmation\ndialogue.\n\nCVE-2011-0054, CVE-2010-0056\n\nChristian Holler discovered buffer overflows in the Javascript engine,\nwhich could allow the execution of arbitrary code.\n\nCVE-2011-0055\n\nregenrecht and Igor Bukanov discovered a use-after-free error in the\nJSON-Implementation, which could lead to the execution of arbitrary code.\n\nCVE-2011-0057\n\nDaniel Kozlowski discovered that incorrect memory handling the web workers\nimplementation could lead to the execution of arbitrary code.\n\nCVE-2011-0059\n\nPeleus Uhley discovered a cross-site request forgery risk in the plugin\ncode.\n\n\nAs indicated in the Lenny (oldstable) release notes, security support for\nthe Icedove packages in the oldstable needed to be stopped before the end\nof the regular Lenny security maintenance life cycle.\nYou are strongly encouraged to upgrade to stable or switch to a different\nmail client.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.0.11-1+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.0.11-2.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your icedove packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to icedove\nannounced via advisory DSA 2187-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"icedove\", ver:\"3.0.11-1+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"3.0.11-1+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"3.0.11-1+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:39", "bulletinFamily": "software", "cvelist": ["CVE-2010-1585"], "description": "Mozilla Foundation Security Advisory 2011-08\r\n\r\nTitle: ParanoidFragmentSink allows javascript: URLs in chrome documents\r\nImpact: Moderate\r\nAnnounced: March 1, 2011\r\nReporter: Roberto Suggi Liverani\r\nProducts: Firefox, Thunderbird, SeaMonkey\r\n\r\nFixed in: Firefox 3.6.14\r\n Firefox 3.5.17\r\n Thunderbird 3.1.8\r\n SeaMonkey 2.0.12\r\nDescription\r\n\r\nMozilla security developer Roberto Suggi Liverani reported that ParanoidFragmentSink, a class used to sanitize potentially unsafe HTML for display, allows javascript: URLs and other inline JavaScript when the embedding document is a chrome document. While there are no unsafe uses of this class in any released products, extension code could have potentially used it in an unsafe manner.\r\nReferences\r\n\r\n * https://bugzilla.mozilla.org/show_bug.cgi?id=562547\r\n * CVE-2010-1585\r\n", "edition": 1, "modified": "2011-03-03T00:00:00", "published": "2011-03-03T00:00:00", "id": "SECURITYVULNS:DOC:25844", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25844", "title": "Mozilla Foundation Security Advisory 2011-08", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:41", "bulletinFamily": "software", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0056", "CVE-2011-0062", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0058", "CVE-2011-0055"], "description": "Multiple memory corruptions, buffer overflows, user-after-free, crossite scripting, crossite request forgery, etc.", "edition": 1, "modified": "2011-03-03T00:00:00", "published": "2011-03-03T00:00:00", "id": "SECURITYVULNS:VULN:11477", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11477", "title": "Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T18:06:03", "description": "BUGTRAQ ID: 46368\r\nCVE ID: CVE-2010-1585,VE-2011-0051,VE-2011-0054,VE-2011-0055,VE-2011-0056,VE-2011-0057,VE-2011-0058,VE-2011-0059,VE-2011-0061,VE-2011-0062\r\n\r\nFirefox\u662f\u4e00\u6b3e\u975e\u5e38\u6d41\u884c\u7684\u5f00\u6e90WEB\u6d4f\u89c8\u5668\u3002Thunderbird\u662f\u4e00\u4e2a\u90ae\u4ef6\u5ba2\u6237\u7aef\uff0c\u652f\u6301IMAP\u3001POP\u90ae\u4ef6\u534f\u8bae\u4ee5\u53caHTML\u90ae\u4ef6\u683c\u5f0f\u3002SeaMonkey\u662f\u5f00\u6e90\u7684Web\u6d4f\u89c8\u5668\u3001\u90ae\u4ef6\u548c\u65b0\u95fb\u7ec4\u5ba2\u6237\u7aef\u3001IRC\u4f1a\u8bdd\u5ba2\u6237\u7aef\u548cHTML\u7f16\u8f91\u5668\u3002\r\n\r\nMozilla Firefox\u3001Thunderbird\u548cSeaMonkey\u4e2d\u5b58\u5728\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3001\u4f7f\u5e94\u7528\u7a0b\u5e8f\u5d29\u6e83\u548c\u63d0\u5347\u6743\u9650\u3002\n\nMozilla Thunderbird < = 3.1.7\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMozilla\r\n-------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.mozilla.org/", "published": "2011-03-03T00:00:00", "title": "Mozilla Firefox/Thunderbird/SeaMonkey MFSA\u591a\u4e2a\u5b89\u5168\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2010-1585"], "modified": "2011-03-03T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20355", "id": "SSV:20355", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "nessus": [{"lastseen": "2021-01-07T11:53:06", "description": "Security issues were identified and fixed in mozilla-thunderbird :\n\nMultiple unspecified vulnerabilities in the browser engine in Mozilla\nFirefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before\n3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a\ndenial of service (memory corruption and application crash) or\npossibly execute arbitrary code via unknown vectors (CVE-2011-0053).\n\nBuffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird\nbefore 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers\nto execute arbitrary code or cause a denial of service (application\ncrash) via a crafted JPEG image (CVE-2011-0061).\n\nMultiple unspecified vulnerabilities in the browser engine in Mozilla\nFirefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow\nremote attackers to cause a denial of service (memory corruption and\napplication crash) or possibly execute arbitrary code via unknown\nvectors (CVE-2011-0062).\n\nThe nsIScriptableUnescapeHTML.parseFragment method in the\nParanoidFragmentSink protection mechanism in Mozilla Firefox before\n3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and\nSeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome\ndocument, which makes it easier for remote attackers to execute\narbitrary JavaScript with chrome privileges via a javascript: URI in\ninput to an extension, as demonstrated by a javascript:alert sequence\nin (1) the HREF attribute of an A element or (2) the ACTION attribute\nof a FORM element (CVE-2010-1585).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nAdditionally, some packages which require so, have been rebuilt and\nare being provided as updates.", "edition": 24, "published": "2011-03-08T00:00:00", "title": "Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2011:042)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "modified": "2011-03-08T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:mozilla-thunderbird-bn_BD", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-pa_IN", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-tr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-el", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sv_SE", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-nl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-da", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-lt", "p-cpe:/a:mandriva:linux:nsinstall", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-vi", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-id", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ru", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_ES", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_TW", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ja", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_BR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-de", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-el", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-fy", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-pl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ar", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sv", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-it", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-eu", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ga", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-hu", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-gd", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-bg", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ca", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nb", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sq", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-cs", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_CN", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ko", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-fr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ru", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fi", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-en_GB", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-af", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ka", "cpe:/o:mandriva:linux:2010.1", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-fi", "cpe:/o:mandriva:linux:2010.0", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_PT", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_AR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-gl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-tr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-is", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ro", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-uk", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-it", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ko", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-lightning", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-he", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_CN", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-ja", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-de", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-nb_NO", "p-cpe:/a:mandriva:linux:mozilla-thunderbird", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fr", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-si", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-vi", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-hu", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-be", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-et_EE", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-et", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nl", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt_BR", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-nn_NO", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_TW", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ar", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ca", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-sk", "p-cpe:/a:mandriva:linux:mozilla-thunderbird-cs"], "id": "MANDRIVA_MDVSA-2011-042.NASL", "href": "https://www.tenable.com/plugins/nessus/52577", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:042. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52577);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_bugtraq_id(46645, 46647, 46651);\n script_xref(name:\"MDVSA\", value:\"2011:042\");\n\n script_name(english:\"Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2011:042)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security issues were identified and fixed in mozilla-thunderbird :\n\nMultiple unspecified vulnerabilities in the browser engine in Mozilla\nFirefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before\n3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a\ndenial of service (memory corruption and application crash) or\npossibly execute arbitrary code via unknown vectors (CVE-2011-0053).\n\nBuffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird\nbefore 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers\nto execute arbitrary code or cause a denial of service (application\ncrash) via a crafted JPEG image (CVE-2011-0061).\n\nMultiple unspecified vulnerabilities in the browser engine in Mozilla\nFirefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow\nremote attackers to cause a denial of service (memory corruption and\napplication crash) or possibly execute arbitrary code via unknown\nvectors (CVE-2011-0062).\n\nThe nsIScriptableUnescapeHTML.parseFragment method in the\nParanoidFragmentSink protection mechanism in Mozilla Firefox before\n3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and\nSeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome\ndocument, which makes it easier for remote attackers to execute\narbitrary JavaScript with chrome privileges via a javascript: URI in\ninput to an extension, as demonstrated by a javascript:alert sequence\nin (1) the HREF attribute of an A element or (2) the ACTION attribute\nof a FORM element (CVE-2010-1585).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nAdditionally, some packages which require so, have been rebuilt and\nare being provided as updates.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozillamessaging.com/en-US/thunderbird/3.1.9/releasenotes/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-bn_BD\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-da\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-en_GB\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-cs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-de\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-es\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_AR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-es_ES\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-et\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-et_EE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-eu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-fy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-gl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-he\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-hu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-is\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-it\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ko\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-lt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nb_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-nn_NO\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pa_IN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_BR\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-pt_PT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-sv_SE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_CN\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mozilla-thunderbird-zh_TW\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nsinstall\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-af-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-ar-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-be-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-bg-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-bn_BD-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-ca-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-cs-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-da-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-de-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-el-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-en_GB-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-ar-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-ca-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-cs-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-de-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-el-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-es-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-fi-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-fr-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-hu-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-it-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-ja-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-ko-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-nb-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-nl-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-pl-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-pt-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-pt_BR-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-ru-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-sl-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-sv-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-tr-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-vi-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-zh_CN-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-enigmail-zh_TW-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-es_AR-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-es_ES-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-et-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-et_EE-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-eu-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-fi-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-fr-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-fy-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-ga-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-gd-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-gl-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-he-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-hu-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-id-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-is-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-it-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-ja-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-ka-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-ko-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-lightning-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-lt-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-nb_NO-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-nl-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-nn_NO-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-pa_IN-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-pl-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-pt_BR-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-pt_PT-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-ro-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-ru-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-si-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-sk-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-sl-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-sq-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-sr-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-sv_SE-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-tr-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-uk-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-vi-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-zh_CN-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"mozilla-thunderbird-zh_TW-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nsinstall-3.1.9-0.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-af-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-ar-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-be-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-bg-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-bn_BD-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-ca-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-cs-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-da-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-de-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-el-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-en_GB-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-ar-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-ca-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-cs-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-de-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-el-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-es-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-fi-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-fr-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-hu-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-it-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-ja-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-ko-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-nb-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-nl-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-pl-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-pt-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-pt_BR-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-ru-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-sl-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-sv-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-tr-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-vi-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-zh_CN-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-enigmail-zh_TW-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-es_AR-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-es_ES-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-et-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-et_EE-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-eu-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-fi-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-fr-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-fy-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-ga-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-gd-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-gl-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-he-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-hu-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-id-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-is-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-it-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-ja-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-ka-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-ko-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-lightning-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-lt-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-nb_NO-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-nl-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-nn_NO-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-pa_IN-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-pl-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-pt_BR-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-pt_PT-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-ro-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-ru-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-si-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-sk-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-sl-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-sq-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-sr-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-sv_SE-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-tr-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-uk-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-vi-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-zh_CN-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"mozilla-thunderbird-zh_TW-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"nsinstall-3.1.9-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-af-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-ar-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-be-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-bg-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-bn_BD-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-ca-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-cs-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-da-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-de-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-el-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-en_GB-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-ar-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-ca-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-cs-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-de-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-el-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-es-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-fi-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-fr-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-hu-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-it-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-ja-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-ko-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-nb-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-nl-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-pl-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-pt-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-pt_BR-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-ru-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-sl-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-sv-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-tr-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-vi-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-zh_CN-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-enigmail-zh_TW-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-es_AR-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-es_ES-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-et-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-et_EE-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-eu-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-fi-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-fr-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-fy-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-ga-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-gd-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-gl-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-he-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-hu-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-id-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-is-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-it-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-ja-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-ka-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-ko-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-lightning-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-lt-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-nb_NO-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-nl-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-nn_NO-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-pa_IN-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-pl-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-pt_BR-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-pt_PT-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-ro-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-ru-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-si-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-sk-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-sl-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-sq-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-sr-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-sv_SE-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-tr-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-uk-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-vi-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-zh_CN-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"mozilla-thunderbird-zh_TW-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"nsinstall-3.1.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:34:16", "description": "Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden,\nHenry Sivonen, Martijn Wargers, David Baron and Marcia Knous\ndiscovered several memory issues in the browser engine. An attacker\ncould exploit these to crash the browser or possibly run arbitrary\ncode as the user invoking the program. (CVE-2011-0053, CVE-2011-0062)\n\nRoberto Suggi Liverani discovered a possible issue with unsafe\nJavaScript execution in chrome documents. A malicious extension could\nexploit this to execute arbitrary code with chrome privlieges.\n(CVE-2010-1585)\n\nJordi Chancel discovered a buffer overlow in the JPEG decoding engine.\nAn attacker could exploit this to crash the browser or possibly run\narbitrary code as the user invoking the program. (CVE-2011-0061).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-03-03T00:00:00", "title": "Ubuntu 10.04 LTS / 10.10 : thunderbird vulnerabilities (USN-1050-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:thunderbird-gnome-support-dbg", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "p-cpe:/a:canonical:ubuntu_linux:thunderbird-dbg", "p-cpe:/a:canonical:ubuntu_linux:thunderbird", "p-cpe:/a:canonical:ubuntu_linux:thunderbird-gnome-support", "p-cpe:/a:canonical:ubuntu_linux:thunderbird-dev"], "id": "UBUNTU_USN-1050-1.NASL", "href": "https://www.tenable.com/plugins/nessus/52527", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1050-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52527);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_bugtraq_id(46368, 46645, 46647, 46651);\n script_xref(name:\"USN\", value:\"1050-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 10.10 : thunderbird vulnerabilities (USN-1050-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden,\nHenry Sivonen, Martijn Wargers, David Baron and Marcia Knous\ndiscovered several memory issues in the browser engine. An attacker\ncould exploit these to crash the browser or possibly run arbitrary\ncode as the user invoking the program. (CVE-2011-0053, CVE-2011-0062)\n\nRoberto Suggi Liverani discovered a possible issue with unsafe\nJavaScript execution in chrome documents. A malicious extension could\nexploit this to execute arbitrary code with chrome privlieges.\n(CVE-2010-1585)\n\nJordi Chancel discovered a buffer overlow in the JPEG decoding engine.\nAn attacker could exploit this to crash the browser or possibly run\narbitrary code as the user invoking the program. (CVE-2011-0061).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1050-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird-gnome-support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird-gnome-support-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"thunderbird\", pkgver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"thunderbird-dbg\", pkgver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"thunderbird-dev\", pkgver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"thunderbird-gnome-support\", pkgver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"thunderbird-gnome-support-dbg\", pkgver:\"3.1.8+build3+nobinonly-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"thunderbird\", pkgver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"thunderbird-dbg\", pkgver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"thunderbird-dev\", pkgver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"thunderbird-gnome-support\", pkgver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"thunderbird-gnome-support-dbg\", pkgver:\"3.1.8+build3+nobinonly-0ubuntu0.10.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-dbg / thunderbird-dev / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T03:52:45", "description": "The installed version of Thunderbird 3.1 is earlier than 3.1.8.\nSuch versions are potentially affected by multiple vulnerabilities :\n\n - Multiple memory corruption errors exist and may lead to\n arbitrary code execution. (MFSA 2011-01)\n\n - An input validation error exists in the class, \n 'ParanoidFragmentSink', which allows inline JavaScript\n and 'javascript:' URLs in a chrome document. Note that\n no unsafe usage occurs in Mozilla products, however\n community generated extensions could.(MFSA 2011-08)\n\n - A buffer overflow exists related to JPEG decoding and\n may lead to arbitrary code execution. (MFSA 2011-09)", "edition": 27, "published": "2011-03-03T00:00:00", "title": "Mozilla Thunderbird 3.1 < 3.1.8 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_318.NASL", "href": "https://www.tenable.com/plugins/nessus/52532", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52532);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/11/15 20:50:27\");\n\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \n \"CVE-2011-0062\");\n script_bugtraq_id(46368, 46645, 46647, 46651);\n script_xref(name:\"Secunia\", value:\"43586\");\n\n script_name(english:\"Mozilla Thunderbird 3.1 < 3.1.8 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is affected by \nmultiple vulnerabilities.\");\n \n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Thunderbird 3.1 is earlier than 3.1.8.\nSuch versions are potentially affected by multiple vulnerabilities :\n\n - Multiple memory corruption errors exist and may lead to\n arbitrary code execution. (MFSA 2011-01)\n\n - An input validation error exists in the class, \n 'ParanoidFragmentSink', which allows inline JavaScript\n and 'javascript:' URLs in a chrome document. Note that\n no unsafe usage occurs in Mozilla products, however\n community generated extensions could.(MFSA 2011-08)\n\n - A buffer overflow exists related to JPEG decoding and\n may lead to arbitrary code execution. (MFSA 2011-09)\");\n\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/bugtraq/2010/Apr/202\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-01/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-08/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2011-09/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?54e90acb\");\n\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Thunderbird 3.1.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'3.1.8', min:'3.1.0', severity:SECURITY_HOLE);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:08:59", "description": "An updated thunderbird package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content.\nMalicious HTML content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Thunderbird. (CVE-2010-1585, CVE-2011-0053, CVE-2011-0062)\n\nA flaw was found in the way Thunderbird handled malformed JPEG images.\nAn HTML mail message containing a malicious JPEG image could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2011-0061)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "edition": 26, "published": "2011-03-02T00:00:00", "title": "RHEL 6 : thunderbird (RHSA-2011:0311)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "modified": "2011-03-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:thunderbird", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2011-0311.NASL", "href": "https://www.tenable.com/plugins/nessus/52495", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0311. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52495);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_xref(name:\"RHSA\", value:\"2011:0311\");\n\n script_name(english:\"RHEL 6 : thunderbird (RHSA-2011:0311)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated thunderbird package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content.\nMalicious HTML content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Thunderbird. (CVE-2010-1585, CVE-2011-0053, CVE-2011-0062)\n\nA flaw was found in the way Thunderbird handled malformed JPEG images.\nAn HTML mail message containing a malicious JPEG image could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2011-0061)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1585\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-0053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-0061\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-0062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0311\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0311\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-3.1.8-4.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-3.1.8-4.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-3.1.8-4.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-debuginfo-3.1.8-4.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-debuginfo-3.1.8-4.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-3.1.8-4.el6_0\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:45:31", "description": "Several flaws were found in the processing of malformed HTML content.\nMalicious HTML content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Thunderbird. (CVE-2010-1585, CVE-2011-0053, CVE-2011-0062)\n\nA flaw was found in the way Thunderbird handled malformed JPEG images.\nAn HTML mail message containing a malicious JPEG image could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2011-0061)\n\nAll running instances of Thunderbird must be restarted for the update\nto take effect.", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110301_THUNDERBIRD_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60976", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60976);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed HTML content.\nMalicious HTML content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Thunderbird. (CVE-2010-1585, CVE-2011-0053, CVE-2011-0062)\n\nA flaw was found in the way Thunderbird handled malformed JPEG images.\nAn HTML mail message containing a malicious JPEG image could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2011-0061)\n\nAll running instances of Thunderbird must be restarted for the update\nto take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=6408\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fb4bfc01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-3.1.8-4.el6_0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:45:45", "description": "From Red Hat Security Advisory 2011:0311 :\n\nAn updated thunderbird package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content.\nMalicious HTML content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Thunderbird. (CVE-2010-1585, CVE-2011-0053, CVE-2011-0062)\n\nA flaw was found in the way Thunderbird handled malformed JPEG images.\nAn HTML mail message containing a malicious JPEG image could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2011-0061)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "edition": 23, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : thunderbird (ELSA-2011-0311)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:thunderbird"], "id": "ORACLELINUX_ELSA-2011-0311.NASL", "href": "https://www.tenable.com/plugins/nessus/68214", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0311 and \n# Oracle Linux Security Advisory ELSA-2011-0311 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68214);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_xref(name:\"RHSA\", value:\"2011:0311\");\n\n script_name(english:\"Oracle Linux 6 : thunderbird (ELSA-2011-0311)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0311 :\n\nAn updated thunderbird package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content.\nMalicious HTML content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Thunderbird. (CVE-2010-1585, CVE-2011-0053, CVE-2011-0062)\n\nA flaw was found in the way Thunderbird handled malformed JPEG images.\nAn HTML mail message containing a malicious JPEG image could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2011-0061)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-March/001961.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"thunderbird-3.1.8-4.0.2.el6_0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:26:56", "description": "An updated thunderbird package that fixes one security issue and one\nbug is now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis erratum blacklists a small number of HTTPS certificates.\n(BZ#689430)\n\nThis update also fixes the following bug :\n\n* The RHSA-2011:0312 and RHSA-2011:0311 updates introduced a\nregression, preventing some Java content and plug-ins written in Java\nfrom loading. With this update, the Java content and plug-ins work as\nexpected. (BZ#683076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "edition": 25, "published": "2011-03-24T00:00:00", "title": "CentOS 4 : thunderbird (CESA-2011:0374)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585", "CVE-2011-0051"], "modified": "2011-03-24T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:thunderbird"], "id": "CENTOS_RHSA-2011-0374.NASL", "href": "https://www.tenable.com/plugins/nessus/52944", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0374 and \n# CentOS Errata and Security Advisory 2011:0374 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52944);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0051\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_xref(name:\"RHSA\", value:\"2011:0374\");\n\n script_name(english:\"CentOS 4 : thunderbird (CESA-2011:0374)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated thunderbird package that fixes one security issue and one\nbug is now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis erratum blacklists a small number of HTTPS certificates.\n(BZ#689430)\n\nThis update also fixes the following bug :\n\n* The RHSA-2011:0312 and RHSA-2011:0311 updates introduced a\nregression, preventing some Java content and plug-ins written in Java\nfrom loading. With this update, the Java content and plug-ins work as\nexpected. (BZ#683076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-March/017275.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1769b4bb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"thunderbird-1.5.0.12-36.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"thunderbird-1.5.0.12-36.el4.centos\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:45:48", "description": "From Red Hat Security Advisory 2011:0374 :\n\nAn updated thunderbird package that fixes one security issue and one\nbug is now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis erratum blacklists a small number of HTTPS certificates.\n(BZ#689430)\n\nThis update also fixes the following bug :\n\n* The RHSA-2011:0312 and RHSA-2011:0311 updates introduced a\nregression, preventing some Java content and plug-ins written in Java\nfrom loading. With this update, the Java content and plug-ins work as\nexpected. (BZ#683076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "edition": 23, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 / 6 : thunderbird (ELSA-2011-0374)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585", "CVE-2011-0051"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:thunderbird", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2011-0374.NASL", "href": "https://www.tenable.com/plugins/nessus/68234", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0374 and \n# Oracle Linux Security Advisory ELSA-2011-0374 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68234);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0051\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_xref(name:\"RHSA\", value:\"2011:0374\");\n\n script_name(english:\"Oracle Linux 4 / 6 : thunderbird (ELSA-2011-0374)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0374 :\n\nAn updated thunderbird package that fixes one security issue and one\nbug is now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis erratum blacklists a small number of HTTPS certificates.\n(BZ#689430)\n\nThis update also fixes the following bug :\n\n* The RHSA-2011:0312 and RHSA-2011:0311 updates introduced a\nregression, preventing some Java content and plug-ins written in Java\nfrom loading. With this update, the Java content and plug-ins work as\nexpected. (BZ#683076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-March/002022.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-March/002026.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"thunderbird-1.5.0.12-36.0.1.el4\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"thunderbird-3.1.9-3.0.1.el6_0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:09:02", "description": "An updated thunderbird package that fixes one security issue and one\nbug is now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis erratum blacklists a small number of HTTPS certificates.\n(BZ#689430)\n\nThis update also fixes the following bug :\n\n* The RHSA-2011:0312 and RHSA-2011:0311 updates introduced a\nregression, preventing some Java content and plug-ins written in Java\nfrom loading. With this update, the Java content and plug-ins work as\nexpected. (BZ#683076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.", "edition": 26, "published": "2011-03-23T00:00:00", "title": "RHEL 4 / 5 / 6 : thunderbird (RHSA-2011:0374)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585", "CVE-2011-0051"], "modified": "2011-03-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:thunderbird", "cpe:/o:redhat:enterprise_linux:4.8", "cpe:/o:redhat:enterprise_linux:5.6", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2011-0374.NASL", "href": "https://www.tenable.com/plugins/nessus/52762", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0374. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52762);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0051\", \"CVE-2011-0053\", \"CVE-2011-0061\", \"CVE-2011-0062\");\n script_xref(name:\"RHSA\", value:\"2011:0374\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : thunderbird (RHSA-2011:0374)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated thunderbird package that fixes one security issue and one\nbug is now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis erratum blacklists a small number of HTTPS certificates.\n(BZ#689430)\n\nThis update also fixes the following bug :\n\n* The RHSA-2011:0312 and RHSA-2011:0311 updates introduced a\nregression, preventing some Java content and plug-ins written in Java\nfrom loading. With this update, the Java content and plug-ins work as\nexpected. (BZ#683076)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\"\n );\n # https://rhn.redhat.com/errata/RHSA-2011-0312.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0312\"\n );\n # https://rhn.redhat.com/errata/RHSA-2011-0311.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0374\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0374\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"thunderbird-1.5.0.12-36.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-2.0.0.24-15.el5_6\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-2.0.0.24-15.el5_6\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-3.1.9-3.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-3.1.9-3.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-3.1.9-3.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-debuginfo-3.1.9-3.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-debuginfo-3.1.9-3.el6_0\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-3.1.9-3.el6_0\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:46:20", "description": "Several vulnerabilities have been found in the Iceape internet suite,\nan unbranded version of SeaMonkey :\n\n - CVE-2010-1585\n Roberto Suggi Liverani discovered that the sanitising\n performed by ParanoidFragmentSink was incomplete.\n\n - CVE-2011-0051\n Zach Hoffmann discovered that incorrect parsing of\n recursive eval() calls could lead to attackers forcing\n acceptance of a confirmation dialogue.\n\n - CVE-2011-0053\n Crashes in the layout engine may lead to the execution\n of arbitrary code.\n\n - CVE-2011-0054\n Christian Holler discovered buffer overflows in the\n JavaScript engine, which could allow the execution of\n arbitrary code.\n\n - CVE-2011-0055\n 'regenrecht' and Igor Bukanov discovered a\n use-after-free error in the JSON-Implementation, which\n could lead to the execution of arbitrary code.\n\n - CVE-2011-0056\n Christian Holler discovered buffer overflows in the\n JavaScript engine, which could allow the execution of\n arbitrary code.\n\n - CVE-2011-0057\n Daniel Kozlowski discovered that incorrect memory\n handling the web workers implementation could lead to\n the execution of arbitrary code.\n\n - CVE-2011-0059\n Peleus Uhley discovered a cross-site request forgery\n risk in the plugin code.\n\nThe oldstable distribution (lenny) is not affected. The iceape package\nonly provides the XPCOM code.", "edition": 17, "published": "2011-03-04T00:00:00", "title": "Debian DSA-2180-1 : iceape - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-0053", "CVE-2011-0056", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0055"], "modified": "2011-03-04T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:iceape"], "id": "DEBIAN_DSA-2180.NASL", "href": "https://www.tenable.com/plugins/nessus/52537", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2180. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52537);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1585\", \"CVE-2011-0051\", \"CVE-2011-0053\", \"CVE-2011-0054\", \"CVE-2011-0055\", \"CVE-2011-0056\", \"CVE-2011-0057\", \"CVE-2011-0059\");\n script_bugtraq_id(46643, 46645, 46648, 46650, 46652, 46661, 46663);\n script_xref(name:\"DSA\", value:\"2180\");\n\n script_name(english:\"Debian DSA-2180-1 : iceape - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been found in the Iceape internet suite,\nan unbranded version of SeaMonkey :\n\n - CVE-2010-1585\n Roberto Suggi Liverani discovered that the sanitising\n performed by ParanoidFragmentSink was incomplete.\n\n - CVE-2011-0051\n Zach Hoffmann discovered that incorrect parsing of\n recursive eval() calls could lead to attackers forcing\n acceptance of a confirmation dialogue.\n\n - CVE-2011-0053\n Crashes in the layout engine may lead to the execution\n of arbitrary code.\n\n - CVE-2011-0054\n Christian Holler discovered buffer overflows in the\n JavaScript engine, which could allow the execution of\n arbitrary code.\n\n - CVE-2011-0055\n 'regenrecht' and Igor Bukanov discovered a\n use-after-free error in the JSON-Implementation, which\n could lead to the execution of arbitrary code.\n\n - CVE-2011-0056\n Christian Holler discovered buffer overflows in the\n JavaScript engine, which could allow the execution of\n arbitrary code.\n\n - CVE-2011-0057\n Daniel Kozlowski discovered that incorrect memory\n handling the web workers implementation could lead to\n the execution of arbitrary code.\n\n - CVE-2011-0059\n Peleus Uhley discovered a cross-site request forgery\n risk in the plugin code.\n\nThe oldstable distribution (lenny) is not affected. The iceape package\nonly provides the XPCOM code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-1585\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0054\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0055\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-0059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/iceape\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2180\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the iceape packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.0.11-3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:iceape\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"iceape\", reference:\"2.0.11-3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"iceape-browser\", reference:\"2.0.11-3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"iceape-chatzilla\", reference:\"2.0.11-3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"iceape-dbg\", reference:\"2.0.11-3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"iceape-dev\", reference:\"2.0.11-3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"iceape-mailnews\", reference:\"2.0.11-3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:46:55", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1585", "CVE-2011-0053", "CVE-2011-0061", "CVE-2011-0062"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed HTML content.\nMalicious HTML content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running Thunderbird.\n(CVE-2010-1585, CVE-2011-0053, CVE-2011-0062)\n\nA flaw was found in the way Thunderbird handled malformed JPEG images. An\nHTML mail message containing a malicious JPEG image could cause\nThunderbird to crash or, potentially, execute arbitrary code with the\nprivileges of the user running Thunderbird. (CVE-2011-0061)\n\nAll Thunderbird users should upgrade to this updated package, which\nresolves these issues. All running instances of Thunderbird must be\nrestarted for the update to take effect.\n", "modified": "2018-06-06T20:24:31", "published": "2011-03-01T05:00:00", "id": "RHSA-2011:0311", "href": "https://access.redhat.com/errata/RHSA-2011:0311", "type": "redhat", "title": "(RHSA-2011:0311) Critical: thunderbird security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:54", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0053", "CVE-2011-0054", "CVE-2011-0055", "CVE-2011-0056", "CVE-2011-0057", "CVE-2011-0058", "CVE-2011-0059", "CVE-2011-0061", "CVE-2011-0062"], "description": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nA flaw was found in the way Firefox sanitized HTML content in extensions.\nIf an extension loaded or rendered malicious content using the\nParanoidFragmentSink class, it could fail to safely display the content,\ncausing Firefox to execute arbitrary JavaScript with the privileges of the\nuser running Firefox. (CVE-2010-1585)\n\nA flaw was found in the way Firefox handled dialog boxes. An attacker could\nuse this flaw to create a malicious web page that would present a blank\ndialog box that has non-functioning buttons. If a user closes the dialog\nbox window, it could unexpectedly grant the malicious web page elevated\nprivileges. (CVE-2011-0051)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2011-0053, CVE-2011-0055, CVE-2011-0058, CVE-2011-0062)\n\nSeveral flaws were found in the way Firefox handled malformed JavaScript. A\nwebsite containing malicious JavaScript could cause Firefox to execute that\nJavaScript with the privileges of the user running Firefox. (CVE-2011-0054,\nCVE-2011-0056, CVE-2011-0057)\n\nA flaw was found in the way Firefox handled malformed JPEG images. A\nwebsite containing a malicious JPEG image could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2011-0061)\n\nA flaw was found in the way Firefox handled plug-ins that perform HTTP\nrequests. If a plug-in performed an HTTP request, and the server sent a 307\nredirect response, the plug-in was not notified, and the HTTP request was\nforwarded. The forwarded request could contain custom headers, which could\nresult in a Cross Site Request Forgery attack. (CVE-2011-0059)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.6.14. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nThis update also fixes the following bug:\n\n* On Red Hat Enterprise Linux 4 and 5, running the \"firefox\n-setDefaultBrowser\" command caused warnings such as the following:\n\nlibgnomevfs-WARNING **: Deprecated function. User modifications to the\nMIME database are no longer supported.\n\nThis update disables the \"setDefaultBrowser\" option. Red Hat Enterprise\nLinux 4 users wishing to set a default web browser can use Applications ->\nPreferences -> More Preferences -> Preferred Applications. Red Hat\nEnterprise Linux 5 users can use System -> Preferences -> Preferred\nApplications. (BZ#463131, BZ#665031)\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.6.14, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n", "modified": "2018-06-06T20:24:07", "published": "2011-03-01T05:00:00", "id": "RHSA-2011:0310", "href": "https://access.redhat.com/errata/RHSA-2011:0310", "type": "redhat", "title": "(RHSA-2011:0310) Critical: firefox security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-08T23:29:33", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "description": "Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry \nSivonen, Martijn Wargers, David Baron and Marcia Knous discovered several \nmemory issues in the browser engine. An attacker could exploit these to \ncrash the browser or possibly run arbitrary code as the user invoking the \nprogram. (CVE-2011-0053, CVE-2011-0062)\n\nRoberto Suggi Liverani discovered a possible issue with unsafe JavaScript \nexecution in chrome documents. A malicious extension could exploit this to \nexecute arbitrary code with chrome privlieges. (CVE-2010-1585)\n\nJordi Chancel discovered a buffer overlow in the JPEG decoding engine. An \nattacker could exploit this to crash the browser or possibly run arbitrary \ncode as the user invoking the program. (CVE-2011-0061)", "edition": 5, "modified": "2011-03-03T00:00:00", "published": "2011-03-03T00:00:00", "id": "USN-1050-1", "href": "https://ubuntu.com/security/notices/USN-1050-1", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:35:16", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0056", "CVE-2011-0062", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0058", "CVE-2011-0055"], "description": "Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry \nSivonen, Martijn Wargers, David Baron and Marcia Knous discovered several \nmemory issues in the browser engine. An attacker could exploit these to \ncrash the browser or possibly run arbitrary code as the user invoking the \nprogram. (CVE-2011-0053, CVE-2011-0062)\n\nZach Hoffman discovered that a recursive call to eval() wrapped in a \ntry/catch statement places the browser into a inconsistent state. An \nattacker could exploit this to force a user to accept any dialog. \n(CVE-2011-0051)\n\nIt was discovered that memory was used after being freed in a method used \nby JSON.stringify. An attacker could exploit this to crash the browser or \npossibly run arbitrary code as the user invoking the program. \n(CVE-2011-0055)\n\nChristian Holler discovered multiple buffer overflows in the JavaScript \nengine. An attacker could exploit these to crash the browser or possibly \nrun arbitrary code as the user invoking the program. (CVE-2011-0054, \nCVE-2011-0056)\n\nDaniel Kozlowski discovered that a JavaScript Worker kept a reference to \nmemory after it was freed. An attacker could exploit this to crash the \nbrowser or possibly run arbitrary code as the user invoking the program. \n(CVE-2011-0057)\n\nAlex Miller discovered a buffer overflow in the browser rendering engine. \nAn attacker could exploit this to crash the browser or possibly run \narbitrary code as the user invoking the program. (CVE-2011-0058)\n\nRoberto Suggi Liverani discovered a possible issue with unsafe JavaScript \nexecution in chrome documents. A malicious extension could exploit this to \nexecute arbitrary code with chrome privlieges. (CVE-2010-1585)\n\nJordi Chancel discovered a buffer overlow in the JPEG decoding engine. An \nattacker could exploit this to crash the browser or possibly run arbitrary \ncode as the user invoking the program. (CVE-2011-0061)\n\nPeleus Uhley discovered a CSRF vulnerability in the plugin code related to \n307 redirects. This could allow custom headers to be forwarded across \norigins. (CVE-2011-0059)", "edition": 5, "modified": "2011-03-03T00:00:00", "published": "2011-03-03T00:00:00", "id": "USN-1049-1", "href": "https://ubuntu.com/security/notices/USN-1049-1", "title": "Firefox and Xulrunner vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:35:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0056", "CVE-2011-0062", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0058", "CVE-2011-0055"], "description": "USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update \nintroduced a regression where some Java applets would fail to load. This \nupdate fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nJesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry \nSivonen, Martijn Wargers, David Baron and Marcia Knous discovered several \nmemory issues in the browser engine. An attacker could exploit these to \ncrash the browser or possibly run arbitrary code as the user invoking the \nprogram. (CVE-2011-0053, CVE-2011-0062)\n\nZach Hoffman discovered that a recursive call to eval() wrapped in a \ntry/catch statement places the browser into a inconsistent state. An \nattacker could exploit this to force a user to accept any dialog. \n(CVE-2011-0051)\n\nIt was discovered that memory was used after being freed in a method used \nby JSON.stringify. An attacker could exploit this to crash the browser or \npossibly run arbitrary code as the user invoking the program. \n(CVE-2011-0055)\n\nChristian Holler discovered multiple buffer overflows in the JavaScript \nengine. An attacker could exploit these to crash the browser or possibly \nrun arbitrary code as the user invoking the program. (CVE-2011-0054, \nCVE-2011-0056)\n\nDaniel Kozlowski discovered that a JavaScript Worker kept a reference to \nmemory after it was freed. An attacker could exploit this to crash the \nbrowser or possibly run arbitrary code as the user invoking the program. \n(CVE-2011-0057)\n\nAlex Miller discovered a buffer overflow in the browser rendering engine. \nAn attacker could exploit this to crash the browser or possibly run \narbitrary code as the user invoking the program. (CVE-2011-0058)\n\nRoberto Suggi Liverani discovered a possible issue with unsafe JavaScript \nexecution in chrome documents. A malicious extension could exploit this to \nexecute arbitrary code with chrome privlieges. (CVE-2010-1585)\n\nJordi Chancel discovered a buffer overlow in the JPEG decoding engine. An \nattacker could exploit this to crash the browser or possibly run arbitrary \ncode as the user invoking the program. (CVE-2011-0061)\n\nPeleus Uhley discovered a CSRF vulnerability in the plugin code related to \n307 redirects. This could allow custom headers to be forwarded across \norigins. (CVE-2011-0059)", "edition": 5, "modified": "2011-03-07T00:00:00", "published": "2011-03-07T00:00:00", "id": "USN-1049-2", "href": "https://ubuntu.com/security/notices/USN-1049-2", "title": "Firefox and Xulrunner regression", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:34:12", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0077", "CVE-2011-1202", "CVE-2011-0071", "CVE-2010-3778", "CVE-2011-0080", "CVE-2011-0073", "CVE-2011-0053", "CVE-2011-0066", "CVE-2011-0056", "CVE-2010-3776", "CVE-2011-0065", "CVE-2011-0062", "CVE-2011-0075", "CVE-2011-0074", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0069", "CVE-2011-0078", "CVE-2011-0070", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0058", "CVE-2011-0067", "CVE-2011-0055", "CVE-2011-0072"], "description": "A large number of security issues were discovered in the Gecko rendering \nengine. If a user were tricked into viewing a malicious website, a remote \nattacker could exploit a variety of issues related to web browser security, \nincluding cross-site scripting attacks, denial of service attacks, and \narbitrary code execution.", "edition": 5, "modified": "2011-04-30T00:00:00", "published": "2011-04-30T00:00:00", "id": "USN-1123-1", "href": "https://ubuntu.com/security/notices/USN-1123-1", "title": "Xulrunner vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:06", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0062", "CVE-2010-1585"], "description": "[3.1.8-4.0.2.el6_0]\n- Replace clean.gif in tarball\n[3.1.8-4.0.1.el6_0]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[3.1.8-4]\n- Update to build3\n[3.1.8-3]\n- Update to build2\n[3.1.8-2]\n- Update to 3.1.8", "edition": 4, "modified": "2011-03-02T00:00:00", "published": "2011-03-02T00:00:00", "id": "ELSA-2011-0311", "href": "http://linux.oracle.com/errata/ELSA-2011-0311.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:30", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0056", "CVE-2011-0062", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0058", "CVE-2011-0055"], "description": "firefox:\n[3.6.14-4.0.1.el6_0]\n- Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js\n[3.6.14-4]\n- Update to build3\n[3.6.14-3]\n- Update to build2\n[3.6.14-2]\n- Update to 3.6.14\nxulrunner:\n[1.9.2.14-3.0.1.el6_0]\n- Added xulrunner-oracle-default-prefs.js and removed the corresponding\n RedHat one. Bug#11487\n[1.9.2.14-3]\n- Update to build3\n[1.9.2.14-2]\n- Update to build2\n[1.9.2.14-1]\n- Update to 1.9.2.14", "edition": 4, "modified": "2011-03-02T00:00:00", "published": "2011-03-02T00:00:00", "id": "ELSA-2011-0310", "href": "http://linux.oracle.com/errata/ELSA-2011-0310.html", "title": "firefox security and bug fix update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:21:19", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0053", "CVE-2010-0056", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0055"], "description": "Mike Hommey uploaded new packages for iceweasel which fixed the\nfollowing security problems:\n\nCVE-2010-1585\n\n Roberto Suggi Liverani discovered that the sanitising performed by\n ParanoidFragmentSink was incomplete.\n\nCVE-2011-0053\n\n Crashes in the layout engine may lead to the execution of arbitrary\n code.\n\nCVE-2011-0051\n\n Zach Hoffmann discovered that incorrect parsing of recursive eval()\n calls could lead to attackers forcing acceptance of a confirmation\n dialogue.\n\nCVE-2011-0054, CVE-2010-0056\n\n Christian Holler discovered buffer overflows in the Javascript engine,\n which could allow the execution of arbitrary code.\n\nCVE-2011-0055\n\n "regenrecht" and Igor Bukanov discovered a use-after-free error in the\n JSON-Implementation, which could lead to the execution of arbitrary code.\n\nCVE-2011-0057\n\n Daniel Kozlowski discovered that incorrect memory handling the web workers\n implementation could lead to the execution of arbitrary code.\n\nCVE-2011-0059\n\n Peleus Uhley discovered a cross-site request forgery risk in the plugin\n code.\n\nFor the lenny-backports distribution the problems have been fixed in\nversion 3.5.16-5~bpo50+1.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.9.0.19-8 of the xulrunner source package.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.5.16-5.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.17-1.\n\nUpgrade instructions\n--------------------\n\nIf you don't use pinning (see [1]) you have to update the package\nmanually via "apt-get -t lenny-backports install <packagelist>" with\nthe packagelist of your installed packages affected by this update.\n[1] <http://backports.debian.org/Instructions>\n\nWe recommend to pin (in /etc/apt/preferences) the backports repository to\n200 so that new versions of installed backports will be installed\nautomatically. \n\n Package: *\n Pin: release a=lenny-backports\n Pin-Priority: 200\n\n", "edition": 3, "modified": "2011-03-17T10:44:52", "published": "2011-03-17T10:44:52", "id": "DEBIAN:BSA-027:63E51", "href": "https://lists.debian.org/debian-backports-announce/2011/debian-backports-announce-201103/msg00000.html", "title": "[BSA-027] Security Update for iceweasel", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:22:15", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0053", "CVE-2011-0056", "CVE-2010-0056", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0055"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2180-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 03, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : iceape\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2010-1585 CVE-2011-0051 CVE-2011-0053 CVE-2011-0054 CVE-2011-0055 CVE-2011-0056 CVE-2011-0057 CVE-2011-0059\n\nSeveral vulnerabilities have been found in the Iceape internet suite, an\nunbranded version of Seamonkey:\n\nCVE-2010-1585\n\n Roberto Suggi Liverani discovered that the sanitising performed by\n ParanoidFragmentSink was incomplete.\n\nCVE-2011-0051\n\n Zach Hoffmann discovered that incorrect parsing of recursive eval()\n calls could lead to attackers forcing acceptance of a confirmation\n dialogue.\n\nCVE-2011-0053\n\n Crashes in the layout engine may lead to the execution of arbitrary\n code.\n\nCVE-2011-0054\n\n Christian Holler discovered buffer overflows in the Javascript engine,\n which could allow the execution of arbitrary code.\n\nCVE-2010-0056\n\n Christian Holler discovered buffer overflows in the Javascript engine,\n which could allow the execution of arbitrary code.\n\nCVE-2011-0055\n\n "regenrecht" and Igor Bukanov discovered a use-after-free error in the\n JSON-Implementation, which could lead to the execution of arbitrary code.\n\nCVE-2011-0057\n\n Daniel Kozlowski discovered that incorrect memory handling the web workers\n implementation could lead to the execution of arbitrary code.\n\nCVE-2011-0059\n\n Peleus Uhley discovered a cross-site request forgery risk in the plugin\n code.\n\nThe oldstable distribution (lenny) is not affected. The iceape package only\nprovides the XPCOM code.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 2.0.11-3.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.0.12-1.\n\nWe recommend that you upgrade your iceape packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "modified": "2011-03-03T22:12:16", "published": "2011-03-03T22:12:16", "id": "DEBIAN:DSA-2180-1:ECE4D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00047.html", "title": "[SECURITY] [DSA 2180-1] iceape security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:27:10", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0053", "CVE-2011-0056", "CVE-2010-0056", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0055"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2187-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 09, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : icedove\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2010-1585 CVE-2011-0051 CVE-2011-0053 CVE-2011-0054 CVE-2011-0055 CVE-2011-0056 CVE-2011-0057 CVE-2011-0059\n\nSeveral vulnerabilities have been discovered in Icedove, an unbranded\nversion of the Thunderbird mail/news client.\n\nCVE-2010-1585\n\n Roberto Suggi Liverani discovered that the sanitising performed by\n ParanoidFragmentSink was incomplete.\n\nCVE-2011-0053\n\n Crashes in the layout engine may lead to the execution of arbitrary\n code.\n\nCVE-2011-0051\n\n Zach Hoffmann discovered that incorrect parsing of recursive eval()\n calls could lead to attackers forcing acceptance of a confirmation\n dialogue.\n\nCVE-2011-0054, CVE-2010-0056\n\n Christian Holler discovered buffer overflows in the Javascript engine,\n which could allow the execution of arbitrary code.\n\nCVE-2011-0055\n\n "regenrecht" and Igor Bukanov discovered a use-after-free error in the\n JSON-Implementation, which could lead to the execution of arbitrary code.\n\nCVE-2011-0057\n\n Daniel Kozlowski discovered that incorrect memory handling the web workers\n implementation could lead to the execution of arbitrary code.\n\nCVE-2011-0059\n\n Peleus Uhley discovered a cross-site request forgery risk in the plugin\n code.\n\n\nAs indicated in the Lenny (oldstable) release notes, security support for \nthe Icedove packages in the oldstable needed to be stopped before the end\nof the regular Lenny security maintenance life cycle.\nYou are strongly encouraged to upgrade to stable or switch to a different\nmail client. \n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.0.11-1+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.0.11-2.\n\nWe recommend that you upgrade your icedove packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2011-03-10T09:35:48", "published": "2011-03-10T09:35:48", "id": "DEBIAN:DSA-2187-1:21087", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00054.html", "title": "[SECURITY] [DSA 2187-1] icedove security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:29:32", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0053", "CVE-2011-0056", "CVE-2010-0056", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0055"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2186-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 09, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : iceweasel\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2010-1585 CVE-2011-0051 CVE-2011-0053 CVE-2011-0054 CVE-2011-0055 CVE-2011-0055 CVE-2011-0056 CVE-2011-0057 CVE-2011-0059\n\nSeveral vulnerabilities have been discovered in Iceweasel, a web browser \nbased on Firefox. The included XULRunner library provides rendering\nservices for several other applications included in Debian.\n\nCVE-2010-1585\n\n Roberto Suggi Liverani discovered that the sanitising performed by\n ParanoidFragmentSink was incomplete.\n\nCVE-2011-0053\n\n Crashes in the layout engine may lead to the execution of arbitrary\n code.\n\nCVE-2011-0051\n\n Zach Hoffmann discovered that incorrect parsing of recursive eval()\n calls could lead to attackers forcing acceptance of a confirmation\n dialogue.\n\nCVE-2011-0054, CVE-2010-0056\n\n Christian Holler discovered buffer overflows in the Javascript engine,\n which could allow the execution of arbitrary code.\n\nCVE-2011-0055\n\n "regenrecht" and Igor Bukanov discovered a use-after-free error in the\n JSON-Implementation, which could lead to the execution of arbitrary code.\n\nCVE-2011-0057\n\n Daniel Kozlowski discovered that incorrect memory handling the web workers\n implementation could lead to the execution of arbitrary code.\n\nCVE-2011-0059\n\n Peleus Uhley discovered a cross-site request forgery risk in the plugin\n code.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.9.0.19-8 of the xulrunner source package.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 3.5.16-5.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.5.17-1.\n\nWe recommend that you upgrade your iceweasel packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2011-03-10T09:34:44", "published": "2011-03-10T09:34:44", "id": "DEBIAN:DSA-2186-1:C8DEB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00053.html", "title": "[SECURITY] [DSA 2186-1] iceweasel security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:24:08", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0056", "CVE-2011-0062", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0058", "CVE-2011-0055"], "description": "**CentOS Errata and Security Advisory** CESA-2011:0310\n\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nA flaw was found in the way Firefox sanitized HTML content in extensions.\nIf an extension loaded or rendered malicious content using the\nParanoidFragmentSink class, it could fail to safely display the content,\ncausing Firefox to execute arbitrary JavaScript with the privileges of the\nuser running Firefox. (CVE-2010-1585)\n\nA flaw was found in the way Firefox handled dialog boxes. An attacker could\nuse this flaw to create a malicious web page that would present a blank\ndialog box that has non-functioning buttons. If a user closes the dialog\nbox window, it could unexpectedly grant the malicious web page elevated\nprivileges. (CVE-2011-0051)\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2011-0053, CVE-2011-0055, CVE-2011-0058, CVE-2011-0062)\n\nSeveral flaws were found in the way Firefox handled malformed JavaScript. A\nwebsite containing malicious JavaScript could cause Firefox to execute that\nJavaScript with the privileges of the user running Firefox. (CVE-2011-0054,\nCVE-2011-0056, CVE-2011-0057)\n\nA flaw was found in the way Firefox handled malformed JPEG images. A\nwebsite containing a malicious JPEG image could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox. (CVE-2011-0061)\n\nA flaw was found in the way Firefox handled plug-ins that perform HTTP\nrequests. If a plug-in performed an HTTP request, and the server sent a 307\nredirect response, the plug-in was not notified, and the HTTP request was\nforwarded. The forwarded request could contain custom headers, which could\nresult in a Cross Site Request Forgery attack. (CVE-2011-0059)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 3.6.14. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nThis update also fixes the following bug:\n\n* On Red Hat Enterprise Linux 4 and 5, running the \"firefox\n-setDefaultBrowser\" command caused warnings such as the following:\n\nlibgnomevfs-WARNING **: Deprecated function. User modifications to the\nMIME database are no longer supported.\n\nThis update disables the \"setDefaultBrowser\" option. Red Hat Enterprise\nLinux 4 users wishing to set a default web browser can use Applications ->\nPreferences -> More Preferences -> Preferred Applications. Red Hat\nEnterprise Linux 5 users can use System -> Preferences -> Preferred\nApplications. (BZ#463131, BZ#665031)\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 3.6.14, which corrects these issues. After installing the\nupdate, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-March/029304.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-March/029305.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0310.html", "edition": 3, "modified": "2011-03-03T05:18:44", "published": "2011-03-03T05:18:19", "href": "http://lists.centos.org/pipermail/centos-announce/2011-March/029304.html", "id": "CESA-2011:0310", "title": "firefox security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:01", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0061", "CVE-2011-0053", "CVE-2011-0056", "CVE-2011-0062", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0058", "CVE-2011-0055"], "description": "\nThe Mozilla Project reports:\n\nMFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)\nMFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true\nMFSA 2011-03 Use-after-free error in JSON.stringify\nMFSA 2011-04 Buffer overflow in JavaScript upvarMap\nMFSA 2011-05 Buffer overflow in JavaScript atom map\nMFSA 2011-06 Use-after-free error using Web Workers\nMFSA 2011-07 Memory corruption during text run construction (Windows)\nMFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents\nMFSA 2011-09 Crash caused by corrupted JPEG image\nMFSA 2011-10 CSRF risk with plugins and 307 redirects\n\n", "edition": 4, "modified": "2011-03-01T00:00:00", "published": "2011-03-01T00:00:00", "id": "45F102CD-4456-11E0-9580-4061862B8C22", "href": "https://vuxml.freebsd.org/freebsd/45f102cd-4456-11e0-9580-4061862b8c22.html", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:53:06", "bulletinFamily": "unix", "cvelist": ["CVE-2011-0061", "CVE-2010-3777", "CVE-2011-0053", "CVE-2011-0056", "CVE-2011-0062", "CVE-2010-1585", "CVE-2011-0051", "CVE-2011-0057", "CVE-2011-0059", "CVE-2011-0054", "CVE-2011-0058", "CVE-2011-0055"], "description": "The MozillaFirefox browser was updated to version 3.6.15, fixing various security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2011-03-15T12:02:21", "published": "2011-03-15T12:02:21", "id": "SUSE-SA:2011:013", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-03/msg00002.html", "title": "remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:21:58", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2014-1505", "CVE-2014-1536", "CVE-2011-0061", "CVE-2011-0077", "CVE-2014-1513", "CVE-2012-0478", "CVE-2012-4193", "CVE-2012-0442", "CVE-2013-5601", "CVE-2013-1687", "CVE-2013-5612", "CVE-2013-1692", "CVE-2010-0654", "CVE-2012-1962", "CVE-2013-0743", "CVE-2012-0443", "CVE-2012-5842", "CVE-2012-4212", "CVE-2013-5595", "CVE-2010-0176", "CVE-2014-1530", "CVE-2011-0083", "CVE-2010-1203", "CVE-2013-1737", "CVE-2012-4214", "CVE-2008-1236", "CVE-2013-5611", "CVE-2012-1970", "CVE-2008-3835", "CVE-2013-1709", "CVE-2007-3738", "CVE-2012-3989", "CVE-2013-5616", "CVE-2013-1678", "CVE-2010-2762", "CVE-2012-5830", "CVE-2013-0763", "CVE-2014-1510", "CVE-2011-3026", "CVE-2012-0460", "CVE-2013-5613", "CVE-2012-1973", "CVE-2014-1522", "CVE-2011-3654", "CVE-2014-1567", "CVE-2012-1974", "CVE-2010-2766", "CVE-2012-4195", "CVE-2012-3986", "CVE-2013-0783", "CVE-2007-3734", "CVE-2011-2371", "CVE-2014-1481", "CVE-2013-1670", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2013-1719", "CVE-2012-3968", "CVE-2013-1725", "CVE-2012-3963", "CVE-2014-1539", "CVE-2010-0174", "CVE-2012-0452", "CVE-2013-1735", "CVE-2012-1956", "CVE-2014-1487", "CVE-2012-3978", "CVE-2012-3985", "CVE-2013-0746", "CVE-2012-5829", "CVE-2009-1571", "CVE-2012-1944", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2014-1538", "CVE-2012-4213", "CVE-2013-1685", "CVE-2012-0479", "CVE-2013-5609", "CVE-2007-3737", "CVE-2013-0766", "CVE-2007-3736", "CVE-2012-1940", "CVE-2013-1697", "CVE-2014-1484", "CVE-2014-1525", "CVE-2012-3993", "CVE-2013-5619", "CVE-2012-5837", "CVE-2008-5500", "CVE-2012-5836", "CVE-2014-1509", "CVE-2009-0772", "CVE-2013-0787", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2014-1494", "CVE-2014-1559", "CVE-2013-0747", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2014-1537", "CVE-2013-1694", "CVE-2014-1523", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2013-5615", "CVE-2013-1680", "CVE-2012-3962", "CVE-2012-0459", "CVE-2011-2362", "CVE-2014-1529", "CVE-2013-1724", "CVE-2010-1213", "CVE-2013-5597", "CVE-2012-5843", "CVE-2014-1543", "CVE-2014-1486", "CVE-2011-0085", "CVE-2013-5590", "CVE-2008-5510", "CVE-2011-0080", "CVE-2013-0780", "CVE-2008-5502", "CVE-2010-3765", "CVE-2013-1732", "CVE-2013-0744", "CVE-2013-0795", "CVE-2008-1237", "CVE-2013-1720", "CVE-2008-4070", "CVE-2013-0748", "CVE-2012-4183", "CVE-2010-3178", "CVE-2013-1679", "CVE-2007-3285", "CVE-2013-5610", "CVE-2013-0768", "CVE-2011-3661", "CVE-2012-4181", "CVE-2014-1532", "CVE-2013-6671", "CVE-2009-0040", "CVE-2011-3652", "CVE-2013-0755", "CVE-2008-4067", "CVE-2014-1548", "CVE-2011-2364", "CVE-2014-1531", "CVE-2013-0752", "CVE-2012-4186", "CVE-2014-1508", "CVE-2012-1948", "CVE-2008-5012", "CVE-2012-1938", "CVE-2013-0796", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2014-1502", "CVE-2013-1723", "CVE-2013-0782", "CVE-2012-1953", "CVE-2012-1949", "CVE-2014-1542", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3169", "CVE-2012-3970", "CVE-2011-0053", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2010-3768", "CVE-2014-1477", "CVE-2013-0800", "CVE-2010-1212", "CVE-2013-1681", "CVE-2010-1211", "CVE-2010-1121", "CVE-2013-0773", "CVE-2013-0754", "CVE-2010-3167", "CVE-2012-4202", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2014-1540", "CVE-2014-1534", "CVE-2012-1941", "CVE-2013-1738", "CVE-2014-1482", "CVE-2014-1479", "CVE-2008-4066", "CVE-2008-5018", "CVE-2012-3984", "CVE-2014-1504", "CVE-2012-0444", "CVE-2011-3650", "CVE-2014-1511", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2012-4182", "CVE-2008-1233", "CVE-2012-4187", "CVE-2012-3983", "CVE-2011-0062", "CVE-2008-0016", "CVE-2011-3101", "CVE-2010-3168", "CVE-2013-0788", "CVE-2013-1728", "CVE-2014-1545", "CVE-2010-0173", "CVE-2012-0472", "CVE-2013-5592", "CVE-2013-1730", "CVE-2008-4059", "CVE-2010-2764", "CVE-2014-1492", "CVE-2011-0081", "CVE-2009-0771", "CVE-2007-3670", "CVE-2012-1954", "CVE-2009-0774", "CVE-2014-1556", "CVE-2012-0461", "CVE-2011-2376", "CVE-2012-3958", "CVE-2012-0469", "CVE-2014-1563", "CVE-2014-1524", "CVE-2014-1512", "CVE-2012-1975", "CVE-2011-0075", "CVE-2013-1690", "CVE-2012-0464", "CVE-2013-0775", "CVE-2012-1967", "CVE-2013-5604", "CVE-2014-1514", "CVE-2010-3166", "CVE-2011-0074", "CVE-2013-0801", "CVE-2012-3956", "CVE-2010-2769", "CVE-2012-3982", "CVE-2009-3555", "CVE-2013-1714", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-5021", "CVE-2008-5017", "CVE-2013-0769", "CVE-2012-3966", "CVE-2013-0771", "CVE-2014-1490", "CVE-2012-5839", "CVE-2013-0757", "CVE-2014-1498", "CVE-2012-1961", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2014-1565", "CVE-2012-3967", "CVE-2013-0749", "CVE-2011-3651", "CVE-2008-4060", "CVE-2007-3656", "CVE-2008-1234", "CVE-2012-1951", "CVE-2012-0475", "CVE-2014-1555", "CVE-2014-1564", "CVE-2012-1952", "CVE-2010-1201", "CVE-2013-0761", "CVE-2013-1669", "CVE-2010-1585", "CVE-2012-3959", "CVE-2012-0455", "CVE-2014-1558", "CVE-2011-0084", "CVE-2012-0759", "CVE-2007-3089", "CVE-2014-1519", "CVE-2013-1701", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2013-1684", "CVE-2008-4058", "CVE-2012-4184", "CVE-2012-0447", "CVE-2014-1547", "CVE-2011-3232", "CVE-2012-4205", "CVE-2014-1480", "CVE-2014-1500", "CVE-2011-0069", "CVE-2013-6630", "CVE-2008-5022", "CVE-2008-5512", "CVE-2014-1497", "CVE-2013-5596", "CVE-2012-3992", "CVE-2008-1235", "CVE-2013-1676", "CVE-2013-0789", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2013-1675", "CVE-2014-1478", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-0445", "CVE-2012-0462", "CVE-2012-4217", "CVE-2013-1686", "CVE-2013-0745", "CVE-2013-0756", "CVE-2012-4218", "CVE-2013-0760", "CVE-2011-2377", "CVE-2014-1485", "CVE-2014-1493", "CVE-2007-3735", "CVE-2011-3000", "CVE-2010-2765", "CVE-2014-1544", "CVE-2010-2767", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2013-0767", "CVE-2010-3182", "CVE-2009-0776", "CVE-2013-5603", "CVE-2012-1959", "CVE-2011-2363", "CVE-2011-0070", "CVE-2013-1682", "CVE-2012-1947", "CVE-2013-6673", "CVE-2013-1674", "CVE-2013-0762", "CVE-2014-1562", "CVE-2010-3170", "CVE-2011-3005", "CVE-2012-4208", "CVE-2011-3658", "CVE-2014-1541", "CVE-2011-2373", "CVE-2008-5511", "CVE-2011-2992", "CVE-2014-1488", "CVE-2012-1957", "CVE-2012-1958", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2014-1552", "CVE-2010-3183", "CVE-2010-1202", "CVE-2012-0468", "CVE-2013-5599", "CVE-2014-1553", "CVE-2014-1549", "CVE-2013-1713", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2008-4061", "CVE-2013-5591", "CVE-2010-1199", "CVE-2012-4204", "CVE-2013-5602", "CVE-2011-2985", "CVE-2012-4192", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2013-0774", "CVE-2008-5024", "CVE-2013-0753", "CVE-2012-5833", "CVE-2014-1557", "CVE-2013-1736", "CVE-2014-1526", "CVE-2013-0776", "CVE-2012-3964", "CVE-2013-5593", "CVE-2014-1550", "CVE-2013-1718", "CVE-2012-5841", "CVE-2014-1533", "CVE-2013-1717", "CVE-2010-2754", "CVE-2008-5507", "CVE-2012-3990", "CVE-2014-1491", "CVE-2013-6672", "CVE-2013-5614", "CVE-2008-4065", "CVE-2013-1693", "CVE-2010-2760", "CVE-2013-0750", "CVE-2012-1937", "CVE-2014-1560", "CVE-2012-4215", "CVE-2013-6629", "CVE-2012-0463", "CVE-2013-1677", "CVE-2011-2991", "CVE-2013-0770", "CVE-2013-0793", "CVE-2012-4179", "CVE-2011-3001", "CVE-2014-1483", "CVE-2014-1489", "CVE-2011-3062", "CVE-2012-0477", "CVE-2013-1722", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2013-1710", "CVE-2012-0467", "CVE-2012-0458", "CVE-2013-0758", "CVE-2013-5600", "CVE-2010-2752", "CVE-2014-1499", "CVE-2014-1518", "CVE-2012-0471", "CVE-2012-3961", "CVE-2014-1561", "CVE-2012-3971", "CVE-2013-0764", "CVE-2014-1528", "CVE-2013-5618", "CVE-2011-0072"], "description": "This patch contains security updates for\n\n * mozilla-nss 3.16.4\n - The following 1024-bit root CA certificate was restored to allow more\n time to develop a better transition strategy for affected sites. It\n was removed in NSS 3.16.3, but discussion in the\n mozilla.dev.security.policy forum led to the decision to keep this\n root included longer in order to give website administrators more time\n to update their web servers.\n - CN = GTE CyberTrust Global Root\n * In NSS 3.16.3, the 1024-bit "Entrust.net Secure Server Certification\n Authority" root CA certificate was removed. In NSS 3.16.4, a 2048-bit\n intermediate CA certificate has been included, without explicit trust.\n The intention is to mitigate the effects of the previous removal of\n the 1024-bit Entrust.net root certificate, because many public\n Internet sites still use the "USERTrust Legacy Secure Server CA"\n intermediate certificate that is signed by the 1024-bit Entrust.net\n root certificate. The inclusion of the intermediate certificate is a\n temporary measure to allow those sites to function, by allowing them\n to find a trust path to another 2048-bit root CA certificate. The\n temporarily included intermediate certificate expires November 1, 2015.\n\n * Firefox 31.1esr Firefox is updated from 24esr to 31esr as maintenance\n for version 24 stopped\n\n", "edition": 1, "modified": "2014-09-09T18:04:16", "published": "2014-09-09T18:04:16", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00004.html", "id": "OPENSUSE-SU-2014:1100-1", "title": "Firefox update to 31.1esr (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:13", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2009-0355", "CVE-2011-0061", "CVE-2011-0077", "CVE-2012-0478", "CVE-2012-4193", "CVE-2011-1202", "CVE-2012-0442", "CVE-2010-3772", "CVE-2011-0071", "CVE-2009-2470", "CVE-2010-0654", "CVE-2009-3388", "CVE-2012-1962", "CVE-2012-0443", "CVE-2011-3866", "CVE-2011-0068", "CVE-2012-5842", "CVE-2012-4212", "CVE-2009-2477", "CVE-2009-1563", "CVE-2010-0176", "CVE-2011-3640", "CVE-2011-0083", "CVE-2010-1203", "CVE-2009-3076", "CVE-2012-1970", "CVE-2009-3389", "CVE-2008-3835", "CVE-2012-3989", "CVE-2010-2762", "CVE-2012-5830", "CVE-2012-4210", "CVE-2009-1305", "CVE-2011-3026", "CVE-2009-3979", "CVE-2011-2370", "CVE-2012-0460", "CVE-2012-1973", "CVE-2009-3376", "CVE-2011-2369", "CVE-2011-2998", "CVE-2011-3654", "CVE-2011-2605", "CVE-2009-1833", "CVE-2010-0165", "CVE-2012-1974", "CVE-2010-0220", "CVE-2010-2766", "CVE-2011-2993", "CVE-2012-4195", "CVE-2010-0168", "CVE-2012-3986", "CVE-2010-0160", "CVE-2009-1169", "CVE-2011-2371", "CVE-2009-3379", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2012-5354", "CVE-2012-4206", "CVE-2009-3071", "CVE-2012-3968", "CVE-2010-1214", "CVE-2012-3963", "CVE-2010-0174", "CVE-2010-0172", "CVE-2009-2535", "CVE-2012-0452", "CVE-2009-1312", "CVE-2012-1956", "CVE-2012-3978", "CVE-2012-3985", "CVE-2011-2995", "CVE-2012-5829", "CVE-2009-1571", "CVE-2008-5505", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2009-2210", "CVE-2009-2478", "CVE-2008-6961", "CVE-2012-0479", "CVE-2012-0450", "CVE-2012-1940", "CVE-2012-3993", "CVE-2008-5500", "CVE-2012-5836", "CVE-2009-3274", "CVE-2010-1125", "CVE-2009-0772", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2010-3131", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2012-3976", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2010-0170", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2007-2436", "CVE-2012-3962", "CVE-2010-2770", "CVE-2010-3774", "CVE-2012-0459", "CVE-2011-2362", "CVE-2009-1304", "CVE-2010-1213", "CVE-2010-3177", "CVE-2012-5843", "CVE-2009-1835", "CVE-2011-0085", "CVE-2009-0352", "CVE-2009-3984", "CVE-2009-3380", "CVE-2008-5510", "CVE-2011-0080", "CVE-2012-1950", "CVE-2008-5502", "CVE-2009-3981", "CVE-2010-3765", "CVE-2010-0167", "CVE-2009-3373", "CVE-2009-3980", "CVE-2008-4070", "CVE-2012-4183", "CVE-2010-3178", "CVE-2012-1994", "CVE-2011-3661", "CVE-2009-3383", "CVE-2012-4181", "CVE-2011-3652", "CVE-2009-1311", "CVE-2011-1712", "CVE-2008-4067", "CVE-2010-1210", "CVE-2011-2364", "CVE-2009-2469", "CVE-2011-0073", "CVE-2010-1197", "CVE-2010-1207", "CVE-2009-0652", "CVE-2012-4186", "CVE-2012-1948", "CVE-2008-5012", "CVE-2011-2982", "CVE-2012-1938", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2009-1838", "CVE-2012-1953", "CVE-2008-5013", "CVE-2012-1949", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3773", "CVE-2009-1309", "CVE-2011-0079", "CVE-2010-3169", "CVE-2009-2662", "CVE-2012-3970", "CVE-2011-2997", "CVE-2011-0053", "CVE-2009-1832", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2012-1966", "CVE-2010-3768", "CVE-2009-3372", "CVE-2010-2763", "CVE-2011-0066", "CVE-2010-1212", "CVE-2009-1837", "CVE-2010-1206", "CVE-2010-1211", "CVE-2009-2464", "CVE-2011-2990", "CVE-2010-1121", "CVE-2009-0356", "CVE-2011-3389", "CVE-2010-0164", "CVE-2008-3836", "CVE-2010-3167", "CVE-2012-4202", "CVE-2007-2671", "CVE-2011-2984", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2009-3986", "CVE-2012-1941", "CVE-2009-2408", "CVE-2010-3399", "CVE-2009-2665", "CVE-2008-4066", "CVE-2008-5018", "CVE-2009-3978", "CVE-2012-3984", "CVE-2009-0354", "CVE-2009-3079", "CVE-2011-0056", "CVE-2012-0444", "CVE-2011-3650", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2010-1215", "CVE-2012-4182", "CVE-2011-2980", "CVE-2012-4187", "CVE-2008-4069", "CVE-2010-0166", "CVE-2011-3647", "CVE-2011-0065", "CVE-2011-0062", "CVE-2008-0016", "CVE-2009-0358", "CVE-2011-3101", "CVE-2010-3168", "CVE-2010-0173", "CVE-2009-1044", "CVE-2008-5513", "CVE-2008-4059", "CVE-2010-2764", "CVE-2011-0081", "CVE-2009-0771", "CVE-2009-1392", "CVE-2008-5504", "CVE-2008-5019", "CVE-2012-1954", "CVE-2009-0774", "CVE-2009-3375", "CVE-2012-0461", "CVE-2011-2376", "CVE-2009-2472", "CVE-2012-3958", "CVE-2009-0071", "CVE-2008-5023", "CVE-2012-0469", "CVE-2010-3171", "CVE-2009-3072", "CVE-2012-3973", "CVE-2008-5822", "CVE-2012-1975", "CVE-2011-0075", "CVE-2012-0464", "CVE-2012-1967", "CVE-2011-3653", "CVE-2010-0648", "CVE-2010-0178", "CVE-2010-3166", "CVE-2010-0177", "CVE-2011-0074", "CVE-2012-3956", "CVE-2010-2769", "CVE-2011-3649", "CVE-2012-3982", "CVE-2009-3555", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-3837", "CVE-2009-0357", "CVE-2008-5021", "CVE-2008-5017", "CVE-2012-3966", "CVE-2012-5839", "CVE-2011-2378", "CVE-2009-1308", "CVE-2010-3775", "CVE-2009-2467", "CVE-2012-1961", "CVE-2010-5074", "CVE-2011-2996", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2012-3967", "CVE-2011-3651", "CVE-2008-4060", "CVE-2010-0181", "CVE-2012-1951", "CVE-2012-0475", "CVE-2012-3965", "CVE-2012-1952", "CVE-2010-1201", "CVE-2011-4688", "CVE-2009-1306", "CVE-2010-1585", "CVE-2009-2479", "CVE-2012-3959", "CVE-2012-0455", "CVE-2009-0777", "CVE-2010-2755", "CVE-2011-0084", "CVE-2011-0051", "CVE-2010-3767", "CVE-2012-1939", "CVE-2009-1834", "CVE-2010-3771", "CVE-2010-0183", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2008-0367", "CVE-2008-4058", "CVE-2011-3002", "CVE-2012-4184", "CVE-2011-0057", "CVE-2012-0447", "CVE-2011-3232", "CVE-2008-5913", "CVE-2007-3073", "CVE-2012-4205", "CVE-2010-2751", "CVE-2009-1836", "CVE-2011-0069", "CVE-2008-5022", "CVE-2008-5512", "CVE-2012-3992", "CVE-2009-3374", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2011-3004", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2009-1839", "CVE-2012-1960", "CVE-2012-0445", "CVE-2009-3074", "CVE-2012-1965", "CVE-2011-3670", "CVE-2012-0462", "CVE-2010-1028", "CVE-2010-0162", "CVE-2011-2377", "CVE-2009-2463", "CVE-2009-2061", "CVE-2009-3070", "CVE-2012-3977", "CVE-2011-3000", "CVE-2010-2765", "CVE-2009-3069", "CVE-2010-0171", "CVE-2010-2767", "CVE-2009-0353", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2009-0775", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2009-2044", "CVE-2010-3182", "CVE-2009-0776", "CVE-2009-3371", "CVE-2009-3377", "CVE-2012-1959", "CVE-2011-2363", "CVE-2009-3075", "CVE-2010-0163", "CVE-2010-1208", "CVE-2011-0070", "CVE-2012-1947", "CVE-2009-1841", "CVE-2010-3170", "CVE-2011-3005", "CVE-2011-0059", "CVE-2012-1971", "CVE-2009-3983", "CVE-2012-4208", "CVE-2009-3987", "CVE-2011-3658", "CVE-2011-2373", "CVE-2008-5511", "CVE-2012-1957", "CVE-2012-1958", "CVE-2011-0054", "CVE-2012-4190", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2010-3183", "CVE-2009-2654", "CVE-2010-1202", "CVE-2012-0468", "CVE-2009-3982", "CVE-2009-3985", "CVE-2009-2065", "CVE-2009-1313", "CVE-2009-3382", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2010-3770", "CVE-2008-4061", "CVE-2010-1199", "CVE-2012-4204", "CVE-2008-0017", "CVE-2009-3988", "CVE-2010-3400", "CVE-2009-1302", "CVE-2011-2985", "CVE-2009-2466", "CVE-2012-4192", "CVE-2011-0058", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2008-5024", "CVE-2011-0076", "CVE-2007-2437", "CVE-2012-5833", "CVE-2011-2999", "CVE-2012-3964", "CVE-2012-5841", "CVE-2010-0179", "CVE-2010-1209", "CVE-2010-2754", "CVE-2008-5507", "CVE-2009-2471", "CVE-2012-3990", "CVE-2011-2375", "CVE-2010-1198", "CVE-2008-4065", "CVE-2009-1840", "CVE-2011-3665", "CVE-2009-3381", "CVE-2011-0067", "CVE-2010-2760", "CVE-2012-1937", "CVE-2012-4215", "CVE-2009-2043", "CVE-2009-1307", "CVE-2009-2664", "CVE-2012-0463", "CVE-2010-4508", "CVE-2009-1310", "CVE-2009-3077", "CVE-2011-3003", "CVE-2011-2991", "CVE-2008-5015", "CVE-2011-0082", "CVE-2011-2983", "CVE-2012-4179", "CVE-2008-4582", "CVE-2011-3001", "CVE-2012-1964", "CVE-2009-2462", "CVE-2009-3378", "CVE-2011-3062", "CVE-2009-1303", "CVE-2012-0477", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2009-2404", "CVE-2009-2465", "CVE-2012-0467", "CVE-2011-2981", "CVE-2012-0458", "CVE-2010-0169", "CVE-2010-2752", "CVE-2009-3078", "CVE-2012-0471", "CVE-2012-3961", "CVE-2010-3766", "CVE-2012-3971", "CVE-2008-5052", "CVE-2011-0055", "CVE-2009-1828", "CVE-2011-0072"], "description": "### Background\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the \u2018Mozilla Application Suite\u2019. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla\u2019s Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL\u2019s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser\u2019s font, conduct clickjacking attacks, or have other unspecified impact. \n\nA local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Mozilla Firefox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nAll users of the Mozilla Firefox binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nAll users of the Mozilla Thunderbird binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nAll Mozilla SeaMonkey users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-2.14-r1\"\n \n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-bin-2.14\"\n \n\nAll NSS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/nss-3.14\"\n \n\nThe \u201cwww-client/mozilla-firefox\u201d package has been merged into the \u201cwww-client/firefox\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox\u201d and then emerge the latest \u201cwww-client/firefox\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nThe \u201cwww-client/mozilla-firefox-bin\u201d package has been merged into the \u201cwww-client/firefox-bin\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox-bin\u201d and then emerge the latest \u201cwww-client/firefox-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox-bin\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird\u201d package has been merged into the \u201cmail-client/thunderbird\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird\u201d and then emerge the latest \u201cmail-client/thunderbird\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird\"\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird-bin\u201d package has been merged into the \u201cmail-client/thunderbird-bin\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird-bin\u201d and then emerge the latest \u201cmail-client/thunderbird-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird-bin\"\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nGentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: \n \n \n # emerge --unmerge \"www-client/icecat\"\n \n\nGentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner\"\n \n\nGentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner-bin\"", "edition": 1, "modified": "2013-01-08T00:00:00", "published": "2013-01-08T00:00:00", "id": "GLSA-201301-01", "href": "https://security.gentoo.org/glsa/201301-01", "type": "gentoo", "title": "Mozilla Products: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
