Search...

Mozilla Firefox ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)

2013-02-21T00:00:00

ID OPENVAS:803423
Type openvas
Reporter Copyright (C) 2013 Greenbone Networks GmbH
Modified 2017-05-08T00:00:00

Description

This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities.

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_mozilla_firefox_esr_mult_vuln01_feb13_macosx.nasl 6079 2017-05-08 09:03:33Z teissa $
#
# Mozilla Firefox ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)
#
# Authors:
# Thanga Prakash S &lt;tprakash@secpod.com&gt;
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_impact = "Successful exploitation will allow attackers to execute arbitrary code,
  memory corruption, bypass certain security restrictions and compromise
  a user's system.
  Impact Level: System/Application";

tag_affected = "Mozilla Firefox ESR version 17.x prior to 17.0.3 on Mac OS X";
tag_insight = "- Error when handling a WebIDL object
  - Error in displaying the content of a 407 response of a proxy
  - Unspecified errors in 'nsSaveAsCharset::DoCharsetConversion()' function,
    Chrome Object Wrappers (COW) and in System Only Wrappers (SOW).
  - Use-after-free error in the below functions
    'nsDisplayBoxShadowOuter::Paint()'
    'nsPrintEngine::CommonPrint()'
    'nsOverflowContinuationTracker::Finish()'
    'nsImageLoadingContent::OnStopContainer()'
  - Out-of-bound read error in below functions
    'ClusterIterator::NextCluster()'
    'nsCodingStateMachine::NextState()'
    'mozilla::image::RasterImage::DrawFrameTo()', when rendering GIF images.";
tag_solution = "Upgrade to Mozilla Firefox ESR version 17.0.3 or later,
  For updates refer to http://www.mozilla.com/en-US/firefox/all.html";
tag_summary = "This host is installed with Mozilla Firefox ESR and is prone to multiple
  vulnerabilities.";

if(description)
{
  script_id(803423);
  script_version("$Revision: 6079 $");
  script_cve_id("CVE-2013-0784", "CVE-2013-0783", "CVE-2013-0782", "CVE-2013-0781",
                "CVE-2013-0780", "CVE-2013-0779", "CVE-2013-0778", "CVE-2013-0777",
                "CVE-2013-0765", "CVE-2013-0772", "CVE-2013-0773", "CVE-2013-0774",
                "CVE-2013-0775", "CVE-2013-0776");
  script_bugtraq_id(58040, 58037, 58047, 58049, 58043, 58051, 58050, 58048, 58036,
                    58034, 58041, 58038, 58042, 58044);
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"$Date: 2017-05-08 11:03:33 +0200 (Mon, 08 May 2017) $");
  script_tag(name:"creation_date", value:"2013-02-21 19:32:46 +0530 (Thu, 21 Feb 2013)");
  script_name("Mozilla Firefox ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)");
  script_xref(name : "URL" , value : "http://secunia.com/advisories/52249");
  script_xref(name : "URL" , value : "http://secunia.com/advisories/52280");
  script_xref(name : "URL" , value : "https://bugzilla.mozilla.org/show_bug.cgi?id=827070");
  script_xref(name : "URL" , value : "http://packetstormsecurity.com/files/cve/CVE-2013-0784");
  script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2013 Greenbone Networks GmbH");
  script_family("General");
  script_dependencies("gb_mozilla_prdts_detect_macosx.nasl", "ssh_authorization_init.nasl");
  script_require_keys("Mozilla/Firefox-ESR/MacOSX/Version");
  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("version_func.inc");

# Variable initialization
ffVer = "";

# Get the version from the kb
ffVer = get_kb_item("Mozilla/Firefox-ESR/MacOSX/Version");

if(ffVer)
{
  # Check for vulnerable version
  if(version_in_range(version:ffVer, test_version:"17.0", test_version2:"17.0.2"))
  {
    security_message(0);
    exit(0);
  }
}

JSON Vulners Source

Initial Source

{"bulletinFamily": "scanner", "viewCount": 0, "naslFamily": "General", "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=827070", "http://packetstormsecurity.com/files/cve/CVE-2013-0784", "http://secunia.com/advisories/52249", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html", "http://secunia.com/advisories/52280"], "description": "This host is installed with Mozilla Firefox ESR and is prone to multiple\n vulnerabilities.", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "200a3065a3d5b6543162dda5d20d78fb"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "a94c6402d1ad10f4e1bad83b34e66d90"}, {"key": "href", "hash": "5c25820c603f4ee219c64968d5db0290"}, {"key": "modified", "hash": "984b09a58a62a821e4060abf6c665de7"}, {"key": "naslFamily", "hash": "0db377921f4ce762c62526131097968f"}, {"key": "pluginID", "hash": "ec311374730bc21e4e3186bdba7752a4"}, {"key": "published", "hash": "e778cd5ad0ef528858a7e170abbbc3c2"}, {"key": "references", "hash": "cb19deec539678046e6bd524711d170c"}, {"key": "reporter", "hash": "eb0d3e4b46c4b283eb1ce082bbd5ff31"}, {"key": "sourceData", "hash": "c7209d7f4fba32fdcf35c0b274f39249"}, {"key": "title", "hash": "d934fe11fcfc65a69481fb618e3f711a"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "href": "http://plugins.openvas.org/nasl.php?oid=803423", "modified": "2017-05-08T00:00:00", "objectVersion": "1.3", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "id": "OPENVAS:803423", "title": "Mozilla Firefox ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)", "hash": "ceeeccfadc9b620b885b0d514da48921f76f84e44aec10d0163ee0af93e1aedf", "edition": 1, "published": "2013-02-21T00:00:00", "type": "openvas", "history": [], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "lastseen": "2017-07-02T21:11:24", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_firefox_esr_mult_vuln01_feb13_macosx.nasl 6079 2017-05-08 09:03:33Z teissa $\n#\n# Mozilla Firefox ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code,\n memory corruption, bypass certain security restrictions and compromise\n a user's system.\n Impact Level: System/Application\";\n\ntag_affected = \"Mozilla Firefox ESR version 17.x prior to 17.0.3 on Mac OS X\";\ntag_insight = \"- Error when handling a WebIDL object\n - Error in displaying the content of a 407 response of a proxy\n - Unspecified errors in 'nsSaveAsCharset::DoCharsetConversion()' function,\n Chrome Object Wrappers (COW) and in System Only Wrappers (SOW).\n - Use-after-free error in the below functions\n 'nsDisplayBoxShadowOuter::Paint()'\n 'nsPrintEngine::CommonPrint()'\n 'nsOverflowContinuationTracker::Finish()'\n 'nsImageLoadingContent::OnStopContainer()'\n - Out-of-bound read error in below functions\n 'ClusterIterator::NextCluster()'\n 'nsCodingStateMachine::NextState()'\n 'mozilla::image::RasterImage::DrawFrameTo()', when rendering GIF images.\";\ntag_solution = \"Upgrade to Mozilla Firefox ESR version 17.0.3 or later,\n For updates refer to http://www.mozilla.com/en-US/firefox/all.html\";\ntag_summary = \"This host is installed with Mozilla Firefox ESR and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803423);\n script_version(\"$Revision: 6079 $\");\n script_cve_id(\"CVE-2013-0784\", \"CVE-2013-0783\", \"CVE-2013-0782\", \"CVE-2013-0781\",\n \"CVE-2013-0780\", \"CVE-2013-0779\", \"CVE-2013-0778\", \"CVE-2013-0777\",\n \"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\",\n \"CVE-2013-0775\", \"CVE-2013-0776\");\n script_bugtraq_id(58040, 58037, 58047, 58049, 58043, 58051, 58050, 58048, 58036,\n 58034, 58041, 58038, 58042, 58044);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-08 11:03:33 +0200 (Mon, 08 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-21 19:32:46 +0530 (Thu, 21 Feb 2013)\");\n script_name(\"Mozilla Firefox ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/52249\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/52280\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.mozilla.org/show_bug.cgi?id=827070\");\n script_xref(name : \"URL\" , value : \"http://packetstormsecurity.com/files/cve/CVE-2013-0784\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2013/mfsa2013-28.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\", \"ssh_authorization_init.nasl\");\n script_require_keys(\"Mozilla/Firefox-ESR/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n# Variable initialization\nffVer = \"\";\n\n# Get the version from the kb\nffVer = get_kb_item(\"Mozilla/Firefox-ESR/MacOSX/Version\");\n\nif(ffVer)\n{\n # Check for vulnerable version\n if(version_in_range(version:ffVer, test_version:\"17.0\", test_version2:\"17.0.2\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "pluginID": "803423"}

{"openvas": [{"lastseen": "2018-11-23T15:15:32", "references": ["2013:0323_1", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html"], "pluginID": "1361412562310850405", "description": "The remote host is missing an update for the ", "edition": 6, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-03-11T00:00:00", "title": "SuSE Update for Mozilla openSUSE-SU-2013:0323-1 (Mozilla)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310850405", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850405", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_0323_1.nasl 12497 2018-11-23 08:28:21Z cfischer $\n#\n# SuSE Update for Mozilla openSUSE-SU-2013:0323-1 (Mozilla)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.850405\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:29:28 +0530 (Mon, 11 Mar 2013)\");\n script_cve_id(\"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\",\n \"CVE-2013-0775\", \"CVE-2013-0776\", \"CVE-2013-0777\", \"CVE-2013-0778\",\n \"CVE-2013-0779\", \"CVE-2013-0780\", \"CVE-2013-0781\", \"CVE-2013-0782\",\n \"CVE-2013-0783\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"openSUSE-SU\", value:\"2013:0323_1\");\n script_name(\"SuSE Update for Mozilla openSUSE-SU-2013:0323-1 (Mozilla)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Mozilla'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE12\\.1\");\n script_tag(name:\"affected\", value:\"Mozilla on openSUSE 12.1\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"MozillaFirefox was updated to Firefox 19.0 (bnc#804248)\n MozillaThunderbird was updated to Thunderbird 17.0.3\n (bnc#804248) seamonkey was updated to SeaMonkey 2.16\n (bnc#804248) xulrunner was updated to 17.0.3esr\n (bnc#804248) chmsee was updated to version 2.0.\n\n Changes in MozillaFirefox 19.0:\n\n * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous\n memory safety hazards\n\n * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds\n read in image rendering\n\n * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL\n objects can be wrapped again\n\n * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n\n * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n\n * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n\n * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n\n * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/\n CVE-2013-0778/CVE-2013-0779/CVE-2013-0781\n Use-after-free, out of bounds read, and buffer overflow\n issues found using Address Sanitizer\n\n - removed obsolete patches\n\n * mozilla-webrtc.patch\n\n * mozilla-gstreamer-803287.patch\n\n - added patch to fix session restore window order\n (bmo#712763)\n\n - update to Firefox 18.0.2\n\n * blocklist and CTP updates\n\n * fixes in JS engine\n\n - update to Firefox 18.0.1\n\n * blocklist updates\n\n * backed out bmo#677092 (removed patch)\n\n * fixed problems involving HTTP proxy transactions\n\n - Fix WebRTC to build on powerpc\n\n Changes in MozillaThunderbird:\n\n - update to Thunderbird 17.0.3 (bnc#804248)\n\n * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety\n hazards\n\n * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n\n * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n\n * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n\n * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n\n * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782\n Use-after-free, out of bounds read, and buffer overflow\n issues found using Address Sanitizer\n\n - update Enigmail to 1.5.1\n\n * The release fixes the regressions found in the past few\n weeks\n\n Changes in seamonkey:\n\n - update to SeaMonkey 2.16 (bnc#804248)\n\n * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous\n memory safety hazards\n\n * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds\n read in image rendering\n\n * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL\n objects can be wrapped again\n\n * MFSA 2013-24/CVE- ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE12.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-buildsymbols\", rpm:\"MozillaThunderbird-buildsymbols~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-debuginfo\", rpm:\"MozillaThunderbird-debuginfo~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-debugsource\", rpm:\"MozillaThunderbird-debugsource~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-devel-debuginfo\", rpm:\"MozillaThunderbird-devel-debuginfo~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chmsee\", rpm:\"chmsee~2.0~2.32.3\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chmsee-debuginfo\", rpm:\"chmsee-debuginfo~2.0~2.32.3\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chmsee-debugsource\", rpm:\"chmsee-debugsource~2.0~2.32.3\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"enigmail\", rpm:\"enigmail~1.5.1+17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"enigmail-debuginfo\", rpm:\"enigmail-debuginfo~1.5.1+17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js\", rpm:\"mozilla-js~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js-debuginfo\", rpm:\"mozilla-js-debuginfo~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debugsource\", rpm:\"seamonkey-debugsource~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-buildsymbols\", rpm:\"xulrunner-buildsymbols~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debugsource\", rpm:\"xulrunner-debugsource~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel-debuginfo\", rpm:\"xulrunner-devel-debuginfo~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js-32bit\", rpm:\"mozilla-js-32bit~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js-debuginfo-32bit\", rpm:\"mozilla-js-debuginfo-32bit~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-32bit\", rpm:\"xulrunner-32bit~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo-32bit\", rpm:\"xulrunner-debuginfo-32bit~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js-debuginfo-x86\", rpm:\"mozilla-js-debuginfo-x86~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js-x86\", rpm:\"mozilla-js-x86~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo-x86\", rpm:\"xulrunner-debuginfo-x86~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-x86\", rpm:\"xulrunner-x86~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:10:27", "references": ["2013:0323_1", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html"], "pluginID": "850405", "description": "Check for the Version of Mozilla", "edition": 4, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-03-11T00:00:00", "title": "SuSE Update for Mozilla openSUSE-SU-2013:0323-1 (Mozilla)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-01-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=850405", "id": "OPENVAS:850405", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2013_0323_1.nasl 8483 2018-01-22 06:58:04Z teissa $\n#\n# SuSE Update for Mozilla openSUSE-SU-2013:0323-1 (Mozilla)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"MozillaFirefox was updated to Firefox 19.0 (bnc#804248)\n MozillaThunderbird was updated to Thunderbird 17.0.3\n (bnc#804248) seamonkey was updated to SeaMonkey 2.16\n (bnc#804248) xulrunner was updated to 17.0.3esr\n (bnc#804248) chmsee was updated to version 2.0.\n\n Changes in MozillaFirefox 19.0:\n * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous\n memory safety hazards\n * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds\n read in image rendering\n * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL\n objects can be wrapped again\n * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/\n CVE-2013-0778/CVE-2013-0779/CVE-2013-0781\n Use-after-free, out of bounds read, and buffer overflow\n issues found using Address Sanitizer\n - removed obsolete patches\n * mozilla-webrtc.patch\n * mozilla-gstreamer-803287.patch\n - added patch to fix session restore window order\n (bmo#712763)\n\n - update to Firefox 18.0.2\n * blocklist and CTP updates\n * fixes in JS engine\n\n - update to Firefox 18.0.1\n * blocklist updates\n * backed out bmo#677092 (removed patch)\n * fixed problems involving HTTP proxy transactions\n\n - Fix WebRTC to build on powerpc\n\n Changes in MozillaThunderbird:\n - update to Thunderbird 17.0.3 (bnc#804248)\n * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety\n hazards\n * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782\n Use-after-free, out of bounds read, and buffer overflow\n issues found using Address Sanitizer\n\n - update Enigmail to 1.5.1\n * The release fixes the regressions found in the past few\n weeks\n\n Changes in seamonkey:\n - update to SeaMonkey 2.16 (bnc#804248)\n * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous\n memory safety hazards\n * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds\n read in image rendering\n * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL\n objects can be wrapped again\n * MFSA 2013-24/CVE- ...\n\n Description truncated, for more information please check the Reference URL\";\n\n\ntag_affected = \"Mozilla on openSUSE 12.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html\");\n script_id(850405);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-11 18:29:28 +0530 (Mon, 11 Mar 2013)\");\n script_cve_id(\"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\",\n \"CVE-2013-0775\", \"CVE-2013-0776\", \"CVE-2013-0777\", \"CVE-2013-0778\",\n \"CVE-2013-0779\", \"CVE-2013-0780\", \"CVE-2013-0781\", \"CVE-2013-0782\",\n \"CVE-2013-0783\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"openSUSE-SU\", value: \"2013:0323_1\");\n script_name(\"SuSE Update for Mozilla openSUSE-SU-2013:0323-1 (Mozilla)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of Mozilla\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE12.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox\", rpm:\"MozillaFirefox~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-branding-upstream\", rpm:\"MozillaFirefox-branding-upstream~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-buildsymbols\", rpm:\"MozillaFirefox-buildsymbols~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-debuginfo\", rpm:\"MozillaFirefox-debuginfo~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-debugsource\", rpm:\"MozillaFirefox-debugsource~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-devel\", rpm:\"MozillaFirefox-devel~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations-common\", rpm:\"MozillaFirefox-translations-common~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaFirefox-translations-other\", rpm:\"MozillaFirefox-translations-other~19.0~2.62.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird\", rpm:\"MozillaThunderbird~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-buildsymbols\", rpm:\"MozillaThunderbird-buildsymbols~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-debuginfo\", rpm:\"MozillaThunderbird-debuginfo~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-debugsource\", rpm:\"MozillaThunderbird-debugsource~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-devel\", rpm:\"MozillaThunderbird-devel~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-devel-debuginfo\", rpm:\"MozillaThunderbird-devel-debuginfo~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-translations-common\", rpm:\"MozillaThunderbird-translations-common~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"MozillaThunderbird-translations-other\", rpm:\"MozillaThunderbird-translations-other~17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chmsee\", rpm:\"chmsee~2.0~2.32.3\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chmsee-debuginfo\", rpm:\"chmsee-debuginfo~2.0~2.32.3\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"chmsee-debugsource\", rpm:\"chmsee-debugsource~2.0~2.32.3\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"enigmail\", rpm:\"enigmail~1.5.1+17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"enigmail-debuginfo\", rpm:\"enigmail-debuginfo~1.5.1+17.0.3~33.51.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js\", rpm:\"mozilla-js~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js-debuginfo\", rpm:\"mozilla-js-debuginfo~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey\", rpm:\"seamonkey~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debuginfo\", rpm:\"seamonkey-debuginfo~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-debugsource\", rpm:\"seamonkey-debugsource~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-dom-inspector\", rpm:\"seamonkey-dom-inspector~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-irc\", rpm:\"seamonkey-irc~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-translations-common\", rpm:\"seamonkey-translations-common~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-translations-other\", rpm:\"seamonkey-translations-other~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"seamonkey-venkman\", rpm:\"seamonkey-venkman~2.16~2.53.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-buildsymbols\", rpm:\"xulrunner-buildsymbols~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debugsource\", rpm:\"xulrunner-debugsource~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel-debuginfo\", rpm:\"xulrunner-devel-debuginfo~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js-32bit\", rpm:\"mozilla-js-32bit~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js-debuginfo-32bit\", rpm:\"mozilla-js-debuginfo-32bit~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-32bit\", rpm:\"xulrunner-32bit~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo-32bit\", rpm:\"xulrunner-debuginfo-32bit~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js-debuginfo-x86\", rpm:\"mozilla-js-debuginfo-x86~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"mozilla-js-x86\", rpm:\"mozilla-js-x86~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo-x86\", rpm:\"xulrunner-debuginfo-x86~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-x86\", rpm:\"xulrunner-x86~17.0.3~2.57.1\", rls:\"openSUSE12.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-24T11:09:26", "references": ["1748-1", "http://www.ubuntu.com/usn/usn-1748-1/"], "pluginID": "841344", "description": "Check for the Version of thunderbird", "edition": 4, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-03-01T00:00:00", "title": "Ubuntu Update for thunderbird USN-1748-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781"], "modified": "2018-01-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841344", "id": "OPENVAS:841344", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1748_1.nasl 8509 2018-01-24 06:57:46Z teissa $\n#\n# Ubuntu Update for thunderbird USN-1748-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and\n System Only Wrappers (SOW). If a user were tricked into opening a specially\n crafted page and had scripting enabled, a remote attacker could exploit\n this to bypass security protections to obtain sensitive information or\n potentially execute code with the privileges of the user invoking\n Thunderbird. (CVE-2013-0773)\n\n Frederik Braun discovered that Thunderbird made the location of the active\n browser profile available to JavaScript workers. Scripting for Thunderbird\n is disabled by default in Ubuntu. (CVE-2013-0774)\n\n A use-after-free vulnerability was discovered in Thunderbird. An attacker\n could potentially exploit this to execute code with the privileges of the\n user invoking Thunderbird if scripting were enabled. (CVE-2013-0775)\n\n Michal Zalewski discovered that Thunderbird would not always show the\n correct address when cancelling a proxy authentication prompt. A remote\n attacker could exploit this to conduct URL spoofing and phishing attacks\n if scripting were enabled.\n (CVE-2013-0776)\n\n Abhishek Arya discovered several problems related to memory handling. If\n the user were tricked into opening a specially crafted page, an attacker\n could possibly exploit these to cause a denial of service via application\n crash, or potentially execute code with the privileges of the user invoking\n Thunderbird. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780,\n CVE-2013-0781, CVE-2013-0782)\n\n Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight,\n Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke\n Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron\n discovered multiple memory safety issues affecting Thunderbird. If a user\n had scripting enabled and was tricked into opening a specially crafted\n page, an attacker could possibly exploit these to cause a denial of service\n via application crash. (CVE-2013-0783, CVE-2013-0784)\";\n\n\ntag_affected = \"thunderbird on Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1748-1/\");\n script_id(841344);\n script_version(\"$Revision: 8509 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 07:57:46 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-01 11:08:05 +0530 (Fri, 01 Mar 2013)\");\n script_cve_id(\"CVE-2013-0773\",\"CVE-2013-0774\",\"CVE-2013-0775\",\"CVE-2013-0776\",\n \"CVE-2013-0777\",\"CVE-2013-0778\",\"CVE-2013-0779\",\"CVE-2013-0780\",\n \"CVE-2013-0781\",\"CVE-2013-0782\",\"CVE-2013-0783\",\"CVE-2013-0784\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1748-1\");\n script_name(\"Ubuntu Update for thunderbird USN-1748-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"17.0.3+build1-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"17.0.3+build1-0ubuntu0.11.10.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"17.0.3+build1-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"17.0.3+build1-0ubuntu0.12.10.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:04:35", "references": ["1748-1", "http://www.ubuntu.com/usn/usn-1748-1/"], "pluginID": "1361412562310841344", "description": "The remote host is missing an update for the ", "edition": 6, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-03-01T00:00:00", "title": "Ubuntu Update for thunderbird USN-1748-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310841344", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841344", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1748_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# Ubuntu Update for thunderbird USN-1748-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\n\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1748-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841344\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-01 11:08:05 +0530 (Fri, 01 Mar 2013)\");\n script_cve_id(\"CVE-2013-0773\", \"CVE-2013-0774\", \"CVE-2013-0775\", \"CVE-2013-0776\",\n \"CVE-2013-0777\", \"CVE-2013-0778\", \"CVE-2013-0779\", \"CVE-2013-0780\",\n \"CVE-2013-0781\", \"CVE-2013-0782\", \"CVE-2013-0783\", \"CVE-2013-0784\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1748-1\");\n script_name(\"Ubuntu Update for thunderbird USN-1748-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|10\\.04 LTS|12\\.10)\");\n script_tag(name:\"affected\", value:\"thunderbird on Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and\n System Only Wrappers (SOW). If a user were tricked into opening a specially\n crafted page and had scripting enabled, a remote attacker could exploit\n this to bypass security protections to obtain sensitive information or\n potentially execute code with the privileges of the user invoking\n Thunderbird. (CVE-2013-0773)\n\n Frederik Braun discovered that Thunderbird made the location of the active\n browser profile available to JavaScript workers. Scripting for Thunderbird\n is disabled by default in Ubuntu. (CVE-2013-0774)\n\n A use-after-free vulnerability was discovered in Thunderbird. An attacker\n could potentially exploit this to execute code with the privileges of the\n user invoking Thunderbird if scripting were enabled. (CVE-2013-0775)\n\n Michal Zalewski discovered that Thunderbird would not always show the\n correct address when cancelling a proxy authentication prompt. A remote\n attacker could exploit this to conduct URL spoofing and phishing attacks\n if scripting were enabled.\n (CVE-2013-0776)\n\n Abhishek Arya discovered several problems related to memory handling. If\n the user were tricked into opening a specially crafted page, an attacker\n could possibly exploit these to cause a denial of service via application\n crash, or potentially execute code with the privileges of the user invoking\n Thunderbird. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780,\n CVE-2013-0781, CVE-2013-0782)\n\n Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight,\n Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke\n Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron\n discovered multiple memory safety issues affecting Thunderbird. If a user\n had scripting enabled and was tricked into opening a specially crafted\n page, an attacker could possibly exploit these to cause a denial of service\n via application crash. (CVE-2013-0783, CVE-2013-0784)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"17.0.3+build1-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"17.0.3+build1-0ubuntu0.11.10.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"17.0.3+build1-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"thunderbird\", ver:\"17.0.3+build1-0ubuntu0.12.10.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:10", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=827070", "http://packetstormsecurity.com/files/cve/CVE-2013-0784", "http://secunia.com/advisories/52249", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html", "http://secunia.com/advisories/52280"], "pluginID": "803427", "description": "This host is installed with Mozilla Thunderbird ESR and is prone to multiple\n vulnerabilities.", "edition": 1, "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "published": "2013-02-21T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Mozilla Thunderbird ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)", "type": "openvas", "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2017-05-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803427", "id": "OPENVAS:803427", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_thunderbird_esr_mult_vuln01_feb13_macosx.nasl 6086 2017-05-09 09:03:30Z teissa $\n#\n# Mozilla Thunderbird ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code,\n memory corruption, bypass certain security restrictions and compromise\n a user's system.\n Impact Level: System/Application\";\n\ntag_affected = \"Mozilla Thunderbird ESR version 17.x prior to 17.0.3 on Mac OS X\";\ntag_insight = \"- Error when handling a WebIDL object\n - Error in displaying the content of a 407 response of a proxy\n - Unspecified errors in 'nsSaveAsCharset::DoCharsetConversion()' function,\n Chrome Object Wrappers (COW) and in System Only Wrappers (SOW).\n - Use-after-free error in the below functions\n 'nsDisplayBoxShadowOuter::Paint()'\n 'nsPrintEngine::CommonPrint()'\n 'nsOverflowContinuationTracker::Finish()'\n 'nsImageLoadingContent::OnStopContainer()'\n - Out-of-bound read error in below functions\n 'ClusterIterator::NextCluster()'\n 'nsCodingStateMachine::NextState()'\n 'mozilla::image::RasterImage::DrawFrameTo()', when rendering GIF images.\";\ntag_solution = \"Upgrade to Mozilla Thunderbird ESR version 17.0.3 or later,\n For updates refer to http://www.mozilla.com/en-US/thunderbird\";\ntag_summary = \"This host is installed with Mozilla Thunderbird ESR and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803427);\n script_version(\"$Revision: 6086 $\");\n script_cve_id(\"CVE-2013-0784\", \"CVE-2013-0783\", \"CVE-2013-0782\", \"CVE-2013-0781\",\n \"CVE-2013-0780\", \"CVE-2013-0779\", \"CVE-2013-0778\", \"CVE-2013-0777\",\n \"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\",\n \"CVE-2013-0775\", \"CVE-2013-0776\");\n script_bugtraq_id(58040, 58037, 58047, 58049, 58043, 58051, 58050, 58048, 58036,\n 58034, 58041, 58038, 58042, 58044);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-09 11:03:30 +0200 (Tue, 09 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-21 19:42:09 +0530 (Thu, 21 Feb 2013)\");\n script_name(\"Mozilla Thunderbird ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/52249\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/52280\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.mozilla.org/show_bug.cgi?id=827070\");\n script_xref(name : \"URL\" , value : \"http://packetstormsecurity.com/files/cve/CVE-2013-0784\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2013/mfsa2013-28.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\", \"ssh_authorization_init.nasl\");\n script_require_keys(\"ThunderBird-ESR/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\n# Variable initialization\nffVer = \"\";\n\n# Get the version from the kb\nffVer = get_kb_item(\"ThunderBird-ESR/MacOSX/Version\");\n\nif(ffVer)\n{\n # Check for vulnerable version\n if(version_in_range(version:ffVer, test_version:\"17.0\", test_version2:\"17.0.2\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:41:26", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=827070", "http://www.mozilla.com/en-US/thunderbird", "http://packetstormsecurity.com/files/cve/CVE-2013-0784", "http://secunia.com/advisories/52249", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html", "http://secunia.com/advisories/52280"], "pluginID": "1361412562310803426", "description": "This host is installed with Mozilla Thunderbird ESR and is prone to multiple\n vulnerabilities.", "edition": 8, "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "published": "2013-02-21T00:00:00", "title": "Mozilla Thunderbird ESR Multiple Vulnerabilities -01 Feb13 (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310803426", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803426", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_thunderbird_esr_mult_vuln01_feb13_win.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Mozilla Thunderbird ESR Multiple Vulnerabilities -01 Feb13 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code,\n memory corruption, bypass certain security restrictions and compromise\n a user's system.\");\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird ESR version 17.x prior to 17.0.3 on Windows\");\n script_tag(name:\"insight\", value:\"- Error when handling a WebIDL object\n\n - Error in displaying the content of a 407 response of a proxy\n\n - Unspecified errors in 'nsSaveAsCharset::DoCharsetConversion()' function,\n Chrome Object Wrappers (COW) and in System Only Wrappers (SOW).\n\n - Use-after-free error in the below functions\n\n 'nsDisplayBoxShadowOuter::Paint()'\n\n 'nsPrintEngine::CommonPrint()'\n\n 'nsOverflowContinuationTracker::Finish()'\n\n 'nsImageLoadingContent::OnStopContainer()'\n\n - Out-of-bound read error in below functions\n\n 'ClusterIterator::NextCluster()'\n\n 'nsCodingStateMachine::NextState()'\n\n 'mozilla::image::RasterImage::DrawFrameTo()', when rendering GIF images.\");\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird ESR version 17.0.3 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla Thunderbird ESR and is prone to multiple\n vulnerabilities.\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.803426\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-0784\", \"CVE-2013-0783\", \"CVE-2013-0782\", \"CVE-2013-0781\",\n \"CVE-2013-0780\", \"CVE-2013-0779\", \"CVE-2013-0778\", \"CVE-2013-0777\",\n \"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\",\n \"CVE-2013-0775\", \"CVE-2013-0776\");\n script_bugtraq_id(58040, 58037, 58047, 58049, 58043, 58051, 58050, 58048, 58036,\n 58034, 58041, 58038, 58042, 58044);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-21 15:34:10 +0530 (Thu, 21 Feb 2013)\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_name(\"Mozilla Thunderbird ESR Multiple Vulnerabilities -01 Feb13 (Windows)\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/52249\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/52280\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=827070\");\n script_xref(name:\"URL\", value:\"http://packetstormsecurity.com/files/cve/CVE-2013-0784\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-28.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_thunderbird_detect_portable_win.nasl\");\n script_mandatory_keys(\"Thunderbird-ESR/Win/Ver\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.com/en-US/thunderbird\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Thunderbird-ESR/Win/Ver\");\n\nif(ffVer)\n{\n if(version_in_range(version:ffVer, test_version:\"17.0\", test_version2:\"17.0.2\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:42:10", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=827070", "http://www.mozilla.com/en-US/firefox/all.html", "http://packetstormsecurity.com/files/cve/CVE-2013-0784", "http://secunia.com/advisories/52249", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html", "http://secunia.com/advisories/52280"], "pluginID": "1361412562310803422", "description": "This host is installed with Mozilla Firefox ESR and is prone to multiple\n vulnerabilities.", "edition": 8, "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "published": "2013-02-21T00:00:00", "title": "Mozilla Firefox ESR Multiple Vulnerabilities -01 Feb13 (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310803422", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803422", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_firefox_esr_mult_vuln01_feb13_win.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Mozilla Firefox ESR Multiple Vulnerabilities -01 Feb13 (Windows)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803422\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-0784\", \"CVE-2013-0783\", \"CVE-2013-0782\", \"CVE-2013-0781\",\n \"CVE-2013-0780\", \"CVE-2013-0779\", \"CVE-2013-0778\", \"CVE-2013-0777\",\n \"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\",\n \"CVE-2013-0775\", \"CVE-2013-0776\");\n script_bugtraq_id(58040, 58037, 58047, 58049, 58043, 58051, 58050, 58048, 58036,\n 58034, 58041, 58038, 58042, 58044);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-21 15:26:45 +0530 (Thu, 21 Feb 2013)\");\n script_name(\"Mozilla Firefox ESR Multiple Vulnerabilities -01 Feb13 (Windows)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/52249\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/52280\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=827070\");\n script_xref(name:\"URL\", value:\"http://packetstormsecurity.com/files/cve/CVE-2013-0784\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-28.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox-ESR/Win/Ver\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code,\n memory corruption, bypass certain security restrictions and compromise\n a user's system.\");\n script_tag(name:\"affected\", value:\"Mozilla Firefox ESR version 17.x prior to 17.0.3 on Windows\");\n script_tag(name:\"insight\", value:\"- Error when handling a WebIDL object\n\n - Error in displaying the content of a 407 response of a proxy\n\n - Unspecified errors in 'nsSaveAsCharset::DoCharsetConversion()' function,\n Chrome Object Wrappers (COW) and in System Only Wrappers (SOW).\n\n - Use-after-free error in the below functions\n\n 'nsDisplayBoxShadowOuter::Paint()'\n\n 'nsPrintEngine::CommonPrint()'\n\n 'nsOverflowContinuationTracker::Finish()'\n\n 'nsImageLoadingContent::OnStopContainer()'\n\n - Out-of-bound read error in below functions\n\n 'ClusterIterator::NextCluster()'\n\n 'nsCodingStateMachine::NextState()'\n\n 'mozilla::image::RasterImage::DrawFrameTo()', when rendering GIF images.\");\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox ESR version 17.0.3 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla Firefox ESR and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.com/en-US/firefox/all.html\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Firefox-ESR/Win/Ver\");\n\nif(ffVer)\n{\n if(version_in_range(version:ffVer, test_version:\"17.0\", test_version2:\"17.0.2\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:41:53", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=827070", "http://www.mozilla.com/en-US/firefox/all.html", "http://packetstormsecurity.com/files/cve/CVE-2013-0784", "http://secunia.com/advisories/52249", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html", "http://secunia.com/advisories/52280"], "pluginID": "1361412562310803421", "description": "This host is installed with Mozilla Firefox and is prone to multiple\n vulnerabilities.", "edition": 6, "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "published": "2013-02-21T00:00:00", "title": "Mozilla Firefox Multiple Vulnerabilities -01 Feb13 (Mac OS X)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310803421", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_firefox_mult_vuln01_feb13_macosx.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Mozilla Firefox Multiple Vulnerabilities -01 Feb13 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803421\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-0784\", \"CVE-2013-0783\", \"CVE-2013-0782\", \"CVE-2013-0781\",\n \"CVE-2013-0780\", \"CVE-2013-0779\", \"CVE-2013-0778\", \"CVE-2013-0777\",\n \"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\",\n \"CVE-2013-0775\", \"CVE-2013-0776\");\n script_bugtraq_id(58040, 58037, 58047, 58049, 58043, 58051, 58050, 58048, 58036,\n 58034, 58041, 58038, 58042, 58044);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-21 19:28:25 +0530 (Thu, 21 Feb 2013)\");\n script_name(\"Mozilla Firefox Multiple Vulnerabilities -01 Feb13 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/52249\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/52280\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=827070\");\n script_xref(name:\"URL\", value:\"http://packetstormsecurity.com/files/cve/CVE-2013-0784\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-28.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox/MacOSX/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code,\n memory corruption, bypass certain security restrictions and compromise\n a user's system.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox version before 19.0 on Mac OS X\");\n\n script_tag(name:\"insight\", value:\"- Error when handling a WebIDL object\n\n - Error in displaying the content of a 407 response of a proxy\n\n - Unspecified errors in 'nsSaveAsCharset::DoCharsetConversion()' function,\n Chrome Object Wrappers (COW) and in System Only Wrappers (SOW).\n\n - Use-after-free error in the below functions\n\n 'nsDisplayBoxShadowOuter::Paint()'\n\n 'nsPrintEngine::CommonPrint()'\n\n 'nsOverflowContinuationTracker::Finish()'\n\n 'nsImageLoadingContent::OnStopContainer()'\n\n - Out-of-bound read error in below functions\n\n 'ClusterIterator::NextCluster()'\n\n 'nsCodingStateMachine::NextState()'\n\n 'mozilla::image::RasterImage::DrawFrameTo()', when rendering GIF images.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 19.0 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla Firefox and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.com/en-US/firefox/all.html\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Mozilla/Firefox/MacOSX/Version\");\n\nif(ffVer)\n{\n if(version_is_less(version:ffVer, test_version:\"19.0\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:42:00", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=827070", "http://www.mozilla.com/en-US/thunderbird", "http://packetstormsecurity.com/files/cve/CVE-2013-0784", "http://secunia.com/advisories/52249", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html", "http://secunia.com/advisories/52280"], "pluginID": "1361412562310803427", "description": "This host is installed with Mozilla Thunderbird ESR and is prone to multiple\n vulnerabilities.", "edition": 6, "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "published": "2013-02-21T00:00:00", "title": "Mozilla Thunderbird ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:1361412562310803427", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803427", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_thunderbird_esr_mult_vuln01_feb13_macosx.nasl 11865 2018-10-12 10:03:43Z cfischer $\n#\n# Mozilla Thunderbird ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803427\");\n script_version(\"$Revision: 11865 $\");\n script_cve_id(\"CVE-2013-0784\", \"CVE-2013-0783\", \"CVE-2013-0782\", \"CVE-2013-0781\",\n \"CVE-2013-0780\", \"CVE-2013-0779\", \"CVE-2013-0778\", \"CVE-2013-0777\",\n \"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\",\n \"CVE-2013-0775\", \"CVE-2013-0776\");\n script_bugtraq_id(58040, 58037, 58047, 58049, 58043, 58051, 58050, 58048, 58036,\n 58034, 58041, 58038, 58042, 58044);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 12:03:43 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-21 19:42:09 +0530 (Thu, 21 Feb 2013)\");\n script_name(\"Mozilla Thunderbird ESR Multiple Vulnerabilities -01 Feb13 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/52249\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/52280\");\n script_xref(name:\"URL\", value:\"https://bugzilla.mozilla.org/show_bug.cgi?id=827070\");\n script_xref(name:\"URL\", value:\"http://packetstormsecurity.com/files/cve/CVE-2013-0784\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-28.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"ThunderBird-ESR/MacOSX/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to execute arbitrary code,\n memory corruption, bypass certain security restrictions and compromise a user's system.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Thunderbird ESR version 17.x prior to 17.0.3 on Mac OS X\");\n\n script_tag(name:\"insight\", value:\"- Error when handling a WebIDL object\n\n - Error in displaying the content of a 407 response of a proxy\n\n - Unspecified errors in 'nsSaveAsCharset::DoCharsetConversion()' function,\n Chrome Object Wrappers (COW) and in System Only Wrappers (SOW).\n\n - Use-after-free error in the below functions\n\n 'nsDisplayBoxShadowOuter::Paint()'\n\n 'nsPrintEngine::CommonPrint()'\n\n 'nsOverflowContinuationTracker::Finish()'\n\n 'nsImageLoadingContent::OnStopContainer()'\n\n - Out-of-bound read error in below functions\n\n 'ClusterIterator::NextCluster()'\n\n 'nsCodingStateMachine::NextState()'\n\n 'mozilla::image::RasterImage::DrawFrameTo()', when rendering GIF images.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Thunderbird ESR version 17.0.3 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla Thunderbird ESR and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.mozilla.com/en-US/thunderbird\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"ThunderBird-ESR/MacOSX/Version\");\n\nif(ffVer)\n{\n if(version_in_range(version:ffVer, test_version:\"17.0\", test_version2:\"17.0.2\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:08", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=827070", "http://packetstormsecurity.com/files/cve/CVE-2013-0784", "http://secunia.com/advisories/52249", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html", "http://secunia.com/advisories/52280"], "pluginID": "803421", "description": "This host is installed with Mozilla Firefox and is prone to multiple\n vulnerabilities.", "edition": 1, "reporter": "Copyright (C) 2013 Greenbone Networks GmbH", "published": "2013-02-21T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Mozilla Firefox Multiple Vulnerabilities -01 Feb13 (Mac OS X)", "type": "openvas", "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2017-05-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803421", "id": "OPENVAS:803421", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_firefox_mult_vuln01_feb13_macosx.nasl 6093 2017-05-10 09:03:18Z teissa $\n#\n# Mozilla Firefox Multiple Vulnerabilities -01 Feb13 (Mac OS X)\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to execute arbitrary code,\n memory corruption, bypass certain security restrictions and compromise\n a user's system.\n Impact Level: System/Application\";\n\ntag_affected = \"Mozilla Firefox version before 19.0 on Mac OS X\";\ntag_insight = \"- Error when handling a WebIDL object\n - Error in displaying the content of a 407 response of a proxy\n - Unspecified errors in 'nsSaveAsCharset::DoCharsetConversion()' function,\n Chrome Object Wrappers (COW) and in System Only Wrappers (SOW).\n - Use-after-free error in the below functions\n 'nsDisplayBoxShadowOuter::Paint()'\n 'nsPrintEngine::CommonPrint()'\n 'nsOverflowContinuationTracker::Finish()'\n 'nsImageLoadingContent::OnStopContainer()'\n - Out-of-bound read error in below functions\n 'ClusterIterator::NextCluster()'\n 'nsCodingStateMachine::NextState()'\n 'mozilla::image::RasterImage::DrawFrameTo()', when rendering GIF images.\";\ntag_solution = \"Upgrade to Mozilla Firefox version 19.0 or later,\n For updates refer to http://www.mozilla.com/en-US/firefox/all.html\";\ntag_summary = \"This host is installed with Mozilla Firefox and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803421);\n script_version(\"$Revision: 6093 $\");\n script_cve_id(\"CVE-2013-0784\", \"CVE-2013-0783\", \"CVE-2013-0782\", \"CVE-2013-0781\",\n \"CVE-2013-0780\", \"CVE-2013-0779\", \"CVE-2013-0778\", \"CVE-2013-0777\",\n \"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\",\n \"CVE-2013-0775\", \"CVE-2013-0776\");\n script_bugtraq_id(58040, 58037, 58047, 58049, 58043, 58051, 58050, 58048, 58036,\n 58034, 58041, 58038, 58042, 58044);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-10 11:03:18 +0200 (Wed, 10 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-21 19:28:25 +0530 (Thu, 21 Feb 2013)\");\n script_name(\"Mozilla Firefox Multiple Vulnerabilities -01 Feb13 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/52249\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/52280\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.mozilla.org/show_bug.cgi?id=827070\");\n script_xref(name : \"URL\" , value : \"http://packetstormsecurity.com/files/cve/CVE-2013-0784\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2013/mfsa2013-28.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\", \"ssh_authorization_init.nasl\");\n script_require_keys(\"Mozilla/Firefox/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n# Variable initialization\nffVer = \"\";\n\n# Get the version from the kb\nffVer = get_kb_item(\"Mozilla/Firefox/MacOSX/Version\");\n\nif(ffVer)\n{\n # Check for vulnerable version\n if(version_is_less(version:ffVer, test_version:\"19.0\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-11-13T17:12:20", "references": ["https://lists.opensuse.org/opensuse-updates/2013-02/msg00061.html", "https://bugzilla.novell.com/show_bug.cgi?id=796895", "https://bugzilla.novell.com/show_bug.cgi?id=804248"], "pluginID": "74898", "description": "MozillaFirefox was updated to Firefox 19.0 (bnc#804248) MozillaThunderbird was updated to Thunderbird 17.0.3 (bnc#804248) seamonkey was updated to SeaMonkey 2.16 (bnc#804248) xulrunner was updated to 17.0.3esr (bnc#804248) chmsee was updated to version 2.0.\n\nChanges in MozillaFirefox 19.0 :\n\n - MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards\n\n - MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering\n\n - MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again\n\n - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers\n\n - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers\n\n - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent\n\n - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy\n\n - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer\n\n - removed obsolete patches\n\n - mozilla-webrtc.patch\n\n - mozilla-gstreamer-803287.patch\n\n - added patch to fix session restore window order (bmo#712763)\n\n - update to Firefox 18.0.2\n\n - blocklist and CTP updates\n\n - fixes in JS engine\n\n - update to Firefox 18.0.1\n\n - blocklist updates\n\n - backed out bmo#677092 (removed patch)\n\n - fixed problems involving HTTP proxy transactions\n\n - Fix WebRTC to build on powerpc\n\nChanges in MozillaThunderbird :\n\n - update to Thunderbird 17.0.3 (bnc#804248)\n\n - MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety hazards\n\n - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers\n\n - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers\n\n - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent\n\n - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy\n\n - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer\n\n - update Enigmail to 1.5.1\n\n - The release fixes the regressions found in the past few weeks\n\nChanges in seamonkey :\n\n - update to SeaMonkey 2.16 (bnc#804248)\n\n - MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards\n\n - MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering\n\n - MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again\n\n - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers\n\n - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers\n\n - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent\n\n - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy\n\n - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer\n\n - removed obsolete patches\n\n - mozilla-webrtc.patch\n\n - mozilla-gstreamer-803287.patch\n\n - update to SeaMonkey 2.15.2\n\n - Applications could not be removed from the 'Application details' dialog under Preferences, Helper Applications (bmo#826771).\n\n - View / Message Body As could show menu items out of context (bmo#831348)\n\n - update to SeaMonkey 2.15.1\n\n - backed out bmo#677092 (removed patch)\n\n - fixed problems involving HTTP proxy transactions\n\n - backed out restartless language packs as it broke multi-locale setup (bmo#677092, bmo#818468)\n\nChanges in xulrunner :\n\n - update to 17.0.3esr (bnc#804248)\n\n - MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety hazards\n\n - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers\n\n - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers\n\n - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent\n\n - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy\n\n - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer", "edition": 5, "reporter": "Tenable", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : Mozilla (openSUSE-SU-2013:0323-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common", "p-cpe:/a:novell:opensuse:mozilla-js", "p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols", "p-cpe:/a:novell:opensuse:seamonkey-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other", "p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource", "p-cpe:/a:novell:opensuse:xulrunner-devel", "p-cpe:/a:novell:opensuse:MozillaFirefox-devel", "p-cpe:/a:novell:opensuse:MozillaThunderbird", "p-cpe:/a:novell:opensuse:seamonkey-debuginfo", "p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel", "p-cpe:/a:novell:opensuse:seamonkey-dom-inspector", "p-cpe:/a:novell:opensuse:MozillaThunderbird-devel-debuginfo", "p-cpe:/a:novell:opensuse:xulrunner-debuginfo", "p-cpe:/a:novell:opensuse:seamonkey-translations-other", "p-cpe:/a:novell:opensuse:mozilla-js-debuginfo-32bit", "p-cpe:/a:novell:opensuse:seamonkey-venkman", "p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream", "p-cpe:/a:novell:opensuse:xulrunner-32bit", "p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common", "p-cpe:/a:novell:opensuse:chmsee-debugsource", "p-cpe:/a:novell:opensuse:xulrunner-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xulrunner-debugsource", "p-cpe:/a:novell:opensuse:mozilla-js-32bit", "p-cpe:/a:novell:opensuse:seamonkey-translations-common", "p-cpe:/a:novell:opensuse:mozilla-js-debuginfo", "p-cpe:/a:novell:opensuse:chmsee", "p-cpe:/a:novell:opensuse:xulrunner", "p-cpe:/a:novell:opensuse:seamonkey-irc", "p-cpe:/a:novell:opensuse:enigmail", "p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other", "p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource", "p-cpe:/a:novell:opensuse:MozillaFirefox", "p-cpe:/a:novell:opensuse:xulrunner-devel-debuginfo", "p-cpe:/a:novell:opensuse:xulrunner-buildsymbols", "p-cpe:/a:novell:opensuse:seamonkey", "cpe:/o:novell:opensuse:12.2", "p-cpe:/a:novell:opensuse:chmsee-debuginfo", "p-cpe:/a:novell:opensuse:enigmail-debuginfo"], "id": "OPENSUSE-2013-141.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74898", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-141.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74898);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:50:01\");\n\n script_cve_id(\"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\", \"CVE-2013-0775\", \"CVE-2013-0776\", \"CVE-2013-0777\", \"CVE-2013-0778\", \"CVE-2013-0779\", \"CVE-2013-0780\", \"CVE-2013-0781\", \"CVE-2013-0782\", \"CVE-2013-0783\");\n\n script_name(english:\"openSUSE Security Update : Mozilla (openSUSE-SU-2013:0323-1)\");\n script_summary(english:\"Check for the openSUSE-2013-141 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"MozillaFirefox was updated to Firefox 19.0 (bnc#804248)\nMozillaThunderbird was updated to Thunderbird 17.0.3 (bnc#804248)\nseamonkey was updated to SeaMonkey 2.16 (bnc#804248) xulrunner was\nupdated to 17.0.3esr (bnc#804248) chmsee was updated to version 2.0.\n\nChanges in MozillaFirefox 19.0 :\n\n - MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous\n memory safety hazards\n\n - MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds\n read in image rendering\n\n - MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL\n objects can be wrapped again\n\n - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n\n - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n\n - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n\n - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n\n - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/\n CVE-2013-0778/CVE-2013-0779/CVE-2013-0781\n Use-after-free, out of bounds read, and buffer overflow\n issues found using Address Sanitizer\n\n - removed obsolete patches\n\n - mozilla-webrtc.patch\n\n - mozilla-gstreamer-803287.patch\n\n - added patch to fix session restore window order\n (bmo#712763)\n\n - update to Firefox 18.0.2\n\n - blocklist and CTP updates\n\n - fixes in JS engine\n\n - update to Firefox 18.0.1\n\n - blocklist updates\n\n - backed out bmo#677092 (removed patch)\n\n - fixed problems involving HTTP proxy transactions\n\n - Fix WebRTC to build on powerpc\n\nChanges in MozillaThunderbird :\n\n - update to Thunderbird 17.0.3 (bnc#804248)\n\n - MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety\n hazards\n\n - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n\n - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n\n - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n\n - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n\n - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free,\n out of bounds read, and buffer overflow issues found\n using Address Sanitizer\n\n - update Enigmail to 1.5.1\n\n - The release fixes the regressions found in the past few\n weeks\n\nChanges in seamonkey :\n\n - update to SeaMonkey 2.16 (bnc#804248)\n\n - MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous\n memory safety hazards\n\n - MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds\n read in image rendering\n\n - MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL\n objects can be wrapped again\n\n - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n\n - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n\n - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n\n - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n\n - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/\n CVE-2013-0778/CVE-2013-0779/CVE-2013-0781\n Use-after-free, out of bounds read, and buffer overflow\n issues found using Address Sanitizer\n\n - removed obsolete patches\n\n - mozilla-webrtc.patch\n\n - mozilla-gstreamer-803287.patch\n\n - update to SeaMonkey 2.15.2\n\n - Applications could not be removed from the 'Application\n details' dialog under Preferences, Helper Applications\n (bmo#826771).\n\n - View / Message Body As could show menu items out of\n context (bmo#831348)\n\n - update to SeaMonkey 2.15.1\n\n - backed out bmo#677092 (removed patch)\n\n - fixed problems involving HTTP proxy transactions\n\n - backed out restartless language packs as it broke\n multi-locale setup (bmo#677092, bmo#818468)\n\nChanges in xulrunner :\n\n - update to 17.0.3esr (bnc#804248)\n\n - MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety\n hazards\n\n - MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n\n - MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n\n - MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n\n - MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n\n - MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 Use-after-free,\n out of bounds read, and buffer overflow issues found\n using Address Sanitizer\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=796895\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=804248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-02/msg00061.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected Mozilla packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaFirefox-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:MozillaThunderbird-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chmsee\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chmsee-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:chmsee-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:enigmail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:enigmail-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-js-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-dom-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-irc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-translations-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-translations-other\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:seamonkey-venkman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-buildsymbols\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xulrunner-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-19.0-2.62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-branding-upstream-19.0-2.62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-buildsymbols-19.0-2.62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-debuginfo-19.0-2.62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-debugsource-19.0-2.62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-devel-19.0-2.62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-translations-common-19.0-2.62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaFirefox-translations-other-19.0-2.62.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-17.0.3-33.51.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-buildsymbols-17.0.3-33.51.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-debuginfo-17.0.3-33.51.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-debugsource-17.0.3-33.51.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-devel-17.0.3-33.51.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-devel-debuginfo-17.0.3-33.51.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-translations-common-17.0.3-33.51.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"MozillaThunderbird-translations-other-17.0.3-33.51.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chmsee-2.0-2.32.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chmsee-debuginfo-2.0-2.32.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"chmsee-debugsource-2.0-2.32.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"enigmail-1.5.1+17.0.3-33.51.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"enigmail-debuginfo-1.5.1+17.0.3-33.51.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-js-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-js-debuginfo-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-2.16-2.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-debuginfo-2.16-2.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-debugsource-2.16-2.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-dom-inspector-2.16-2.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-irc-2.16-2.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-translations-common-2.16-2.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-translations-other-2.16-2.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"seamonkey-venkman-2.16-2.53.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-buildsymbols-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-debuginfo-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-debugsource-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-devel-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"xulrunner-devel-debuginfo-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-js-32bit-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-js-debuginfo-32bit-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"xulrunner-32bit-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"xulrunner-debuginfo-32bit-17.0.3-2.57.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaFirefox-19.0-2.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaFirefox-branding-upstream-19.0-2.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaFirefox-buildsymbols-19.0-2.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaFirefox-debuginfo-19.0-2.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaFirefox-debugsource-19.0-2.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaFirefox-devel-19.0-2.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaFirefox-translations-common-19.0-2.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaFirefox-translations-other-19.0-2.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaThunderbird-17.0.3-49.31.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaThunderbird-buildsymbols-17.0.3-49.31.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaThunderbird-debuginfo-17.0.3-49.31.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaThunderbird-debugsource-17.0.3-49.31.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaThunderbird-devel-17.0.3-49.31.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaThunderbird-devel-debuginfo-17.0.3-49.31.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaThunderbird-translations-common-17.0.3-49.31.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"MozillaThunderbird-translations-other-17.0.3-49.31.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chmsee-2.0-2.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chmsee-debuginfo-2.0-2.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"chmsee-debugsource-2.0-2.14.3\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"enigmail-1.5.1+17.0.3-49.31.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"enigmail-debuginfo-1.5.1+17.0.3-49.31.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"mozilla-js-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"mozilla-js-debuginfo-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"seamonkey-2.16-2.34.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"seamonkey-debuginfo-2.16-2.34.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"seamonkey-debugsource-2.16-2.34.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"seamonkey-dom-inspector-2.16-2.34.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"seamonkey-irc-2.16-2.34.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"seamonkey-translations-common-2.16-2.34.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"seamonkey-translations-other-2.16-2.34.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"seamonkey-venkman-2.16-2.34.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"xulrunner-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"xulrunner-buildsymbols-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"xulrunner-debuginfo-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"xulrunner-debugsource-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"xulrunner-devel-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"xulrunner-devel-debuginfo-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"mozilla-js-32bit-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"mozilla-js-debuginfo-32bit-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"xulrunner-32bit-17.0.3-2.30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"xulrunner-debuginfo-32bit-17.0.3-2.30.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Mozilla\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:38:24", "references": ["http://support.novell.com/security/cve/CVE-2013-0782.html", "http://support.novell.com/security/cve/CVE-2013-0774.html", "http://support.novell.com/security/cve/CVE-2013-0775.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-26.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-24.html", "https://bugzilla.novell.com/show_bug.cgi?id=806669", "http://support.novell.com/security/cve/CVE-2013-0776.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-21.html", "http://support.novell.com/security/cve/CVE-2013-0773.html", "http://support.novell.com/security/cve/CVE-2013-0783.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-23.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-25.html", "http://support.novell.com/security/cve/CVE-2013-0772.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-27.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-22.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html", "http://support.novell.com/security/cve/CVE-2013-0765.html", "https://bugzilla.novell.com/show_bug.cgi?id=804248", "http://support.novell.com/security/cve/CVE-2013-0780.html"], "pluginID": "65175", "description": "Mozilla Firefox has been updated to the 17.0.3ESR release.\n\nImportant: due to compatibility issues, the Beagle plug-in for MozillaFirefox is temporarily disabled by this update.\n\nBesides the major version update from the 10ESR stable release line to the 17ESR stable release line, this update brings critical security and bugfixes :\n\n - Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free, out of bounds read, and buffer overflow problems rated as low to critical security issues in shipped software. Some of these issues are potentially exploitable, allowing for remote code execution. We would also like to thank Abhishek for reporting four additional use-after-free and out of bounds write flaws introduced during Firefox development that were fixed before general release.\n (MFSA 2013-28)\n\n - The following issues have been fixed in Firefox 19 and ESR 17.0.3 :\n\n - Heap-use-after-free in nsOverflowContinuationTracker::Finish, with\n -moz-columns. (CVE-2013-0780)\n\n - Heap-buffer-overflow WRITE in nsSaveAsCharset::DoCharsetConversion. (CVE-2013-0782)\n\n - Google security researcher Michal Zalewski reported an issue where the browser displayed the content of a proxy's 407 response if a user canceled the proxy's authentication prompt. In this circumstance, the addressbar will continue to show the requested site's address, including HTTPS addresses that appear to be secure. This spoofing of addresses can be used for phishing attacks by fooling users into entering credentials, for example. (MFSA 2013-27 / CVE-2013-0776)\n\n - Security researcher Nils reported a use-after-free in nsImageLoadingContent when content script is executed.\n This could allow for arbitrary code execution. (MFSA 2013-26 / CVE-2013-0775)\n\n - Mozilla security researcher Frederik Braun discovered that since Firefox 15 the file system location of the active browser profile was available to JavaScript workers. While not dangerous by itself, this could potentially be combined with other vulnerabilities to target the profile in an attack. (MFSA 2013-25 / CVE-2013-0774)\n\n - Mozilla developer Bobby Holley discovered that it was possible to bypass some protections in Chrome Object Wrappers (COW) and System Only Wrappers (SOW), making their prototypes mutable by web content. This could be used leak information from chrome objects and possibly allow for arbitrary code execution. (MFSA 2013-24 / CVE-2013-0773)\n\n - Mozilla developer Boris Zbarsky reported that in some circumstances a wrapped WebIDL object can be wrapped multiple times, overwriting the existing wrapped state.\n This could lead to an exploitable condition in rare cases. (MFSA 2013-23 / CVE-2013-0765)\n\n - Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found an out-of-bounds read while rendering GIF format images. This could cause a non-exploitable crash and could also attempt to render normally inaccesible data as part of the image. (MFSA 2013-22 / CVE-2013-0772)\n\n - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2013-21)\n\n Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, and Wayne Mery reported memory safety problems and crashes that affect Firefox ESR 17, and Firefox 18.\n\n - Memory safety bugs fixed in Firefox ESR 17.0.3, and Firefox 19. (CVE-2013-0783)", "edition": 4, "reporter": "Tenable", "published": "2013-03-10T00:00:00", "title": "SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7447)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0775", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0772"], "modified": "2013-10-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:MozillaFirefox-branding-SLED", "p-cpe:/a:novell:suse_linux:11:beagle", "p-cpe:/a:novell:suse_linux:11:mhtml-firefox", "p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit", "p-cpe:/a:novell:suse_linux:11:beagle-lang", "p-cpe:/a:novell:suse_linux:11:mozilla-nspr-32bit", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:mozilla-nss", "p-cpe:/a:novell:suse_linux:11:mozilla-nspr", "p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:11:MozillaFirefox", "p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools", "p-cpe:/a:novell:suse_linux:11:beagle-evolution", "p-cpe:/a:novell:suse_linux:11:libfreebl3", "p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit", "p-cpe:/a:novell:suse_linux:11:beagle-gui", "p-cpe:/a:novell:suse_linux:11:beagle-firefox"], "id": "SUSE_11_FIREFOX-201303-130305.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=65175", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65175);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2013/10/25 23:41:53 $\");\n\n script_cve_id(\"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\", \"CVE-2013-0775\", \"CVE-2013-0776\", \"CVE-2013-0780\", \"CVE-2013-0782\", \"CVE-2013-0783\");\n\n script_name(english:\"SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7447)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox has been updated to the 17.0.3ESR release.\n\nImportant: due to compatibility issues, the Beagle plug-in for\nMozillaFirefox is temporarily disabled by this update.\n\nBesides the major version update from the 10ESR stable release line to\nthe 17ESR stable release line, this update brings critical security\nand bugfixes :\n\n - Security researcher Abhishek Arya (Inferno) of the\n Google Chrome Security Team used the Address Sanitizer\n tool to discover a series of use-after-free, out of\n bounds read, and buffer overflow problems rated as low\n to critical security issues in shipped software. Some of\n these issues are potentially exploitable, allowing for\n remote code execution. We would also like to thank\n Abhishek for reporting four additional use-after-free\n and out of bounds write flaws introduced during Firefox\n development that were fixed before general release.\n (MFSA 2013-28)\n\n - The following issues have been fixed in Firefox 19 and\n ESR 17.0.3 :\n\n - Heap-use-after-free in\n nsOverflowContinuationTracker::Finish, with\n -moz-columns. (CVE-2013-0780)\n\n - Heap-buffer-overflow WRITE in\n nsSaveAsCharset::DoCharsetConversion. (CVE-2013-0782)\n\n - Google security researcher Michal Zalewski reported an\n issue where the browser displayed the content of a\n proxy's 407 response if a user canceled the proxy's\n authentication prompt. In this circumstance, the\n addressbar will continue to show the requested site's\n address, including HTTPS addresses that appear to be\n secure. This spoofing of addresses can be used for\n phishing attacks by fooling users into entering\n credentials, for example. (MFSA 2013-27 / CVE-2013-0776)\n\n - Security researcher Nils reported a use-after-free in\n nsImageLoadingContent when content script is executed.\n This could allow for arbitrary code execution. (MFSA\n 2013-26 / CVE-2013-0775)\n\n - Mozilla security researcher Frederik Braun discovered\n that since Firefox 15 the file system location of the\n active browser profile was available to JavaScript\n workers. While not dangerous by itself, this could\n potentially be combined with other vulnerabilities to\n target the profile in an attack. (MFSA 2013-25 /\n CVE-2013-0774)\n\n - Mozilla developer Bobby Holley discovered that it was\n possible to bypass some protections in Chrome Object\n Wrappers (COW) and System Only Wrappers (SOW), making\n their prototypes mutable by web content. This could be\n used leak information from chrome objects and possibly\n allow for arbitrary code execution. (MFSA 2013-24 /\n CVE-2013-0773)\n\n - Mozilla developer Boris Zbarsky reported that in some\n circumstances a wrapped WebIDL object can be wrapped\n multiple times, overwriting the existing wrapped state.\n This could lead to an exploitable condition in rare\n cases. (MFSA 2013-23 / CVE-2013-0765)\n\n - Using the Address Sanitizer tool, security researcher\n Atte Kettunen from OUSPG found an out-of-bounds read\n while rendering GIF format images. This could cause a\n non-exploitable crash and could also attempt to render\n normally inaccesible data as part of the image. (MFSA\n 2013-22 / CVE-2013-0772)\n\n - Mozilla developers identified and fixed several memory\n safety bugs in the browser engine used in Firefox and\n other Mozilla-based products. Some of these bugs showed\n evidence of memory corruption under certain\n circumstances, and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code. (MFSA 2013-21)\n\n Olli Pettay, Christoph Diehl, Gary Kwong, Jesse\n Ruderman, Andrew McCreight, Joe Drew, and Wayne Mery\n reported memory safety problems and crashes that affect\n Firefox ESR 17, and Firefox 18.\n\n - Memory safety bugs fixed in Firefox ESR 17.0.3, and\n Firefox 19. (CVE-2013-0783)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-21.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-22.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-23.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-24.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-25.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-26.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-27.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2013/mfsa2013-28.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=804248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=806669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0765.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0772.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0773.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0774.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0775.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0776.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0780.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0782.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0783.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 7447.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-branding-SLED\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:beagle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:beagle-evolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:beagle-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:beagle-gui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:beagle-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mhtml-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nspr-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"MozillaFirefox-17.0.3esr-0.4.4.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"MozillaFirefox-branding-SLED-7-0.6.9.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"MozillaFirefox-translations-17.0.3esr-0.4.4.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"beagle-0.3.8-56.51.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"beagle-evolution-0.3.8-56.51.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"beagle-firefox-0.3.8-56.51.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"beagle-gui-0.3.8-56.51.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"beagle-lang-0.3.8-56.51.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libfreebl3-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"mhtml-firefox-0.5-1.47.51.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"mozilla-nspr-4.9.5-0.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"mozilla-nss-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"mozilla-nss-tools-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"MozillaFirefox-17.0.3esr-0.4.4.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"MozillaFirefox-branding-SLED-7-0.6.9.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"MozillaFirefox-translations-17.0.3esr-0.4.4.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"beagle-0.3.8-56.51.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"beagle-evolution-0.3.8-56.51.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"beagle-firefox-0.3.8-56.51.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"beagle-gui-0.3.8-56.51.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"beagle-lang-0.3.8-56.51.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libfreebl3-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"mhtml-firefox-0.5-1.47.51.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nspr-4.9.5-0.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.9.5-0.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nss-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nss-tools-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"MozillaFirefox-17.0.3esr-0.4.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"MozillaFirefox-branding-SLED-7-0.6.9.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"MozillaFirefox-translations-17.0.3esr-0.4.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libfreebl3-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"mozilla-nspr-4.9.5-0.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"mozilla-nss-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"mozilla-nss-tools-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"libfreebl3-32bit-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"mozilla-nspr-32bit-4.9.5-0.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"mozilla-nss-32bit-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.14.2-0.4.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.9.5-0.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.14.2-0.4.3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-02T15:26:47", "references": ["https://usn.ubuntu.com/1748-1/"], "pluginID": "64892", "description": "Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page and had scripting enabled, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges of the user invoking Thunderbird. (CVE-2013-0773)\n\nFrederik Braun discovered that Thunderbird made the location of the active browser profile available to JavaScript workers. Scripting for Thunderbird is disabled by default in Ubuntu. (CVE-2013-0774)\n\nA use-after-free vulnerability was discovered in Thunderbird. An attacker could potentially exploit this to execute code with the privileges of the user invoking Thunderbird if scripting were enabled.\n(CVE-2013-0775)\n\nMichal Zalewski discovered that Thunderbird would not always show the correct address when cancelling a proxy authentication prompt. A remote attacker could exploit this to conduct URL spoofing and phishing attacks if scripting were enabled. (CVE-2013-0776)\n\nAbhishek Arya discovered several problems related to memory handling.\nIf the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782)\n\nOlli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron discovered multiple memory safety issues affecting Thunderbird. If a user had scripting enabled and was tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash.\n(CVE-2013-0783, CVE-2013-0784).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 6, "reporter": "Tenable", "published": "2013-02-26T00:00:00", "title": "Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1748-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781"], "modified": "2018-12-01T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "p-cpe:/a:canonical:ubuntu_linux:thunderbird", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1748-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64892", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1748-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64892);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/12/01 13:19:07\");\n\n script_cve_id(\"CVE-2013-0773\", \"CVE-2013-0774\", \"CVE-2013-0775\", \"CVE-2013-0776\", \"CVE-2013-0777\", \"CVE-2013-0778\", \"CVE-2013-0779\", \"CVE-2013-0780\", \"CVE-2013-0781\", \"CVE-2013-0782\", \"CVE-2013-0783\", \"CVE-2013-0784\");\n script_bugtraq_id(58037, 58038, 58040, 58041, 58042, 58043, 58044, 58047, 58048, 58049, 58050, 58051);\n script_xref(name:\"USN\", value:\"1748-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1748-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Bobby Holley discovered vulnerabilities in Chrome Object Wrappers\n(COW) and System Only Wrappers (SOW). If a user were tricked into\nopening a specially crafted page and had scripting enabled, a remote\nattacker could exploit this to bypass security protections to obtain\nsensitive information or potentially execute code with the privileges\nof the user invoking Thunderbird. (CVE-2013-0773)\n\nFrederik Braun discovered that Thunderbird made the location of the\nactive browser profile available to JavaScript workers. Scripting for\nThunderbird is disabled by default in Ubuntu. (CVE-2013-0774)\n\nA use-after-free vulnerability was discovered in Thunderbird. An\nattacker could potentially exploit this to execute code with the\nprivileges of the user invoking Thunderbird if scripting were enabled.\n(CVE-2013-0775)\n\nMichal Zalewski discovered that Thunderbird would not always show the\ncorrect address when cancelling a proxy authentication prompt. A\nremote attacker could exploit this to conduct URL spoofing and\nphishing attacks if scripting were enabled. (CVE-2013-0776)\n\nAbhishek Arya discovered several problems related to memory handling.\nIf the user were tricked into opening a specially crafted page, an\nattacker could possibly exploit these to cause a denial of service via\napplication crash, or potentially execute code with the privileges of\nthe user invoking Thunderbird. (CVE-2013-0777, CVE-2013-0778,\nCVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782)\n\nOlli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew\nMcCreight, Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary\nKwong, Luke Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and\nNicolas Pierron discovered multiple memory safety issues affecting\nThunderbird. If a user had scripting enabled and was tricked into\nopening a specially crafted page, an attacker could possibly exploit\nthese to cause a denial of service via application crash.\n(CVE-2013-0783, CVE-2013-0784).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1748-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected thunderbird package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|11\\.10|12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.10 / 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"thunderbird\", pkgver:\"17.0.3+build1-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"thunderbird\", pkgver:\"17.0.3+build1-0ubuntu0.11.10.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"thunderbird\", pkgver:\"17.0.3+build1-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"thunderbird\", pkgver:\"17.0.3+build1-0ubuntu0.12.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-24T03:34:10", "references": ["https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/", "http://www.nessus.org/u?087c18b4", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-20/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/", "https://www.mozilla.org/en-US/security/known-vulnerabilities/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/"], "pluginID": "64693", "description": "The Mozilla Project reports :\n\nMFSA 2013-21 Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)\n\nMFSA 2013-22 Out-of-bounds read in image rendering\n\nMFSA 2013-23 Wrapped WebIDL objects can be wrapped again\n\nMFSA 2013-24 Web content bypass of COW and SOW security wrappers\n\nMFSA 2013-25 Privacy leak in JavaScript Workers\n\nMFSA 2013-26 Use-after-free in nsImageLoadingContent\n\nMFSA 2013-27 Phishing on HTTPS connection through malicious proxy\n\nMFSA 2013-28 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer", "edition": 6, "reporter": "Tenable", "published": "2013-02-20T00:00:00", "title": "FreeBSD : mozilla -- multiple vulnerabilities (e3f0374a-7ad6-11e2-84cd-d43d7e0c7c02)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0772"], "modified": "2018-11-23T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-thunderbird", "p-cpe:/a:freebsd:freebsd:linux-firefox", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:libxul", "p-cpe:/a:freebsd:freebsd:seamonkey", "p-cpe:/a:freebsd:freebsd:linux-seamonkey", "p-cpe:/a:freebsd:freebsd:firefox", "p-cpe:/a:freebsd:freebsd:thunderbird"], "id": "FREEBSD_PKG_E3F0374A7AD611E284CDD43D7E0C7C02.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64693", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64693);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/23 12:49:57\");\n\n script_cve_id(\"CVE-2013-0765\", \"CVE-2013-0772\", \"CVE-2013-0773\", \"CVE-2013-0774\", \"CVE-2013-0775\", \"CVE-2013-0776\", \"CVE-2013-0783\", \"CVE-2013-0784\");\n\n script_name(english:\"FreeBSD : mozilla -- multiple vulnerabilities (e3f0374a-7ad6-11e2-84cd-d43d7e0c7c02)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Mozilla Project reports :\n\nMFSA 2013-21 Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)\n\nMFSA 2013-22 Out-of-bounds read in image rendering\n\nMFSA 2013-23 Wrapped WebIDL objects can be wrapped again\n\nMFSA 2013-24 Web content bypass of COW and SOW security wrappers\n\nMFSA 2013-25 Privacy leak in JavaScript Workers\n\nMFSA 2013-26 Use-after-free in nsImageLoadingContent\n\nMFSA 2013-27 Phishing on HTTPS connection through malicious proxy\n\nMFSA 2013-28 Use-after-free, out of bounds read, and buffer overflow\nissues found using Address Sanitizer\"\n );\n # http://www.mozilla.org/security/announce/2013/mfsa2013-20.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-20/\"\n );\n # http://www.mozilla.org/security/announce/2013/mfsa2013-21.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/\"\n );\n # http://www.mozilla.org/security/announce/2013/mfsa2013-22.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/\"\n );\n # http://www.mozilla.org/security/announce/2013/mfsa2013-23.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/\"\n );\n # http://www.mozilla.org/security/announce/2013/mfsa2013-24.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/\"\n );\n # http://www.mozilla.org/security/announce/2013/mfsa2013-25.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/\"\n );\n # http://www.mozilla.org/security/announce/2013/mfsa2013-26.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/\"\n );\n # http://www.mozilla.org/security/announce/2013/mfsa2013-27.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/known-vulnerabilities/\"\n );\n # https://vuxml.freebsd.org/freebsd/e3f0374a-7ad6-11e2-84cd-d43d7e0c7c02.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?087c18b4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxul\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:seamonkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"firefox>18.0,1<19.0,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"firefox<17.0.3,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-firefox<17.0.3,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-seamonkey<2.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-thunderbird<17.0.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"seamonkey<2.16\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird>11.0<17.0.3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"thunderbird<10.0.12\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"libxul>1.9.2.*<10.0.12\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:47:35", "references": ["https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-28/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/"], "pluginID": "64720", "description": "The installed version of Thunderbird is earlier than 17.0.3 and thus, is potentially affected by the following security issues :\n\n - Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)\n\n - An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)\n\n - An error exists related to 'WebIDL' object wrapping that has an unspecified impact. (CVE-2013-0765)\n\n - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)\n\n - The file system location of the active browser profile could be disclosed and used in further attacks.\n (CVE-2013-0774)\n\n - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775)\n\n - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code.\n (CVE-2013-0776)\n\n - A heap-based use-after-free error exists in the function 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)\n\n - An out-of-bounds read error exists in the function 'ClusterIterator::NextCluster'. (CVE-2013-0778)\n\n - An out-of-bounds read error exists in the function 'nsCodingStateMachine::NextState'. (CVE-2013-0779)\n\n - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)\n\n - A heap-based use-after-free error exists in the function 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)\n\n - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'.\n (CVE-2013-0782)", "edition": 6, "reporter": "Tenable", "published": "2013-02-20T00:00:00", "title": "Thunderbird < 17.0.3 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "MacOS X Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MACOSX_THUNDERBIRD_17_0_3.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64720", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64720);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2013-0765\",\n \"CVE-2013-0772\",\n \"CVE-2013-0773\",\n \"CVE-2013-0774\",\n \"CVE-2013-0775\",\n \"CVE-2013-0776\",\n \"CVE-2013-0777\",\n \"CVE-2013-0778\",\n \"CVE-2013-0779\",\n \"CVE-2013-0780\",\n \"CVE-2013-0781\",\n \"CVE-2013-0782\",\n \"CVE-2013-0783\",\n \"CVE-2013-0784\"\n );\n script_bugtraq_id(\n 58034,\n 58036,\n 58037,\n 58038,\n 58040,\n 58041,\n 58042,\n 58043,\n 58044,\n 58047,\n 58048,\n 58049,\n 58050,\n 58051\n );\n\n script_name(english:\"Thunderbird < 17.0.3 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Mac OS X host contains a mail client that is potentially\naffected by several vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The installed version of Thunderbird is earlier than 17.0.3 and thus,\nis potentially affected by the following security issues :\n\n - Numerous memory safety errors exist. (CVE-2013-0783,\n CVE-2013-0784)\n\n - An out-of-bounds read error exists related to the\n handling of GIF images. (CVE-2013-0772)\n\n - An error exists related to 'WebIDL' object wrapping\n that has an unspecified impact. (CVE-2013-0765)\n\n - An error exists related to Chrome Object Wrappers (COW)\n or System Only Wrappers (SOW) that could allow security\n bypass. (CVE-2013-0773)\n\n - The file system location of the active browser profile\n could be disclosed and used in further attacks.\n (CVE-2013-0774)\n\n - A use-after-free error exists in the function\n 'nsImageLoadingContent'. (CVE-2013-0775)\n\n - Spoofing HTTPS URLs is possible due to an error related\n to proxy '407' responses and embedded script code.\n (CVE-2013-0776)\n\n - A heap-based use-after-free error exists in the function\n 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)\n\n - An out-of-bounds read error exists in the function\n 'ClusterIterator::NextCluster'. (CVE-2013-0778)\n\n - An out-of-bounds read error exists in the function\n 'nsCodingStateMachine::NextState'. (CVE-2013-0779)\n\n - A heap-based use-after-free error exists in the function\n 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)\n\n - A heap-based use-after-free error exists in the function\n 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)\n\n - A heap-based buffer overflow error exists in the\n function 'nsSaveAsCharset::DoCharsetConversion'.\n (CVE-2013-0782)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-28/\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Thunderbird 17.0.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_thunderbird_installed.nasl\");\n script_require_keys(\"MacOSX/Thunderbird/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nkb_base = \"MacOSX/Thunderbird\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nif (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Thunderbird install is in the ESR branch.');\n\nmozilla_check_version(product:'thunderbird', version:version, path:path, esr:FALSE, fix:'17.0.3', severity:SECURITY_HOLE);", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:55:34", "references": ["https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-28/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/"], "pluginID": "64719", "description": "The installed version of Firefox 18.x is potentially affected by the following security issues :\n\n - Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)\n\n - An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)\n\n - An error exists related to 'WebIDL' object wrapping that has an unspecified impact. (CVE-2013-0765)\n\n - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)\n\n - The file system location of the active browser profile could be disclosed and used in further attacks.\n (CVE-2013-0774)\n\n - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775)\n\n - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code.\n (CVE-2013-0776)\n\n - A heap-based use-after-free error exists in the function 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)\n\n - An out-of-bounds read error exists in the function 'ClusterIterator::NextCluster'. (CVE-2013-0778)\n\n - An out-of-bounds read error exists in the function 'nsCodingStateMachine::NextState'. (CVE-2013-0779)\n\n - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)\n\n - A heap-based use-after-free error exists in the function 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)\n\n - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'.\n (CVE-2013-0782)", "edition": 6, "reporter": "Tenable", "published": "2013-02-20T00:00:00", "title": "Firefox 18.x Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "MacOS X Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOSX_FIREFOX_19_0.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64719", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64719);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/07/14 1:59:36\");\n\n script_cve_id(\n \"CVE-2013-0765\",\n \"CVE-2013-0772\",\n \"CVE-2013-0773\",\n \"CVE-2013-0774\",\n \"CVE-2013-0775\",\n \"CVE-2013-0776\",\n \"CVE-2013-0777\",\n \"CVE-2013-0778\",\n \"CVE-2013-0779\",\n \"CVE-2013-0780\",\n \"CVE-2013-0781\",\n \"CVE-2013-0782\",\n \"CVE-2013-0783\",\n \"CVE-2013-0784\"\n );\n script_bugtraq_id(\n 58037,\n 58038,\n 58041,\n 58042,\n 58043,\n 58044,\n 58047,\n 58048,\n 58049,\n 58050,\n 58051\n );\n\n script_name(english:\"Firefox 18.x Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The installed version of Firefox 18.x is potentially affected by the\nfollowing security issues :\n\n - Numerous memory safety errors exist. (CVE-2013-0783,\n CVE-2013-0784)\n\n - An out-of-bounds read error exists related to the\n handling of GIF images. (CVE-2013-0772)\n\n - An error exists related to 'WebIDL' object wrapping\n that has an unspecified impact. (CVE-2013-0765)\n\n - An error exists related to Chrome Object Wrappers (COW)\n or System Only Wrappers (SOW) that could allow security\n bypass. (CVE-2013-0773)\n\n - The file system location of the active browser profile\n could be disclosed and used in further attacks.\n (CVE-2013-0774)\n\n - A use-after-free error exists in the function\n 'nsImageLoadingContent'. (CVE-2013-0775)\n\n - Spoofing HTTPS URLs is possible due to an error related\n to proxy '407' responses and embedded script code.\n (CVE-2013-0776)\n\n - A heap-based use-after-free error exists in the function\n 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)\n\n - An out-of-bounds read error exists in the function\n 'ClusterIterator::NextCluster'. (CVE-2013-0778)\n\n - An out-of-bounds read error exists in the function\n 'nsCodingStateMachine::NextState'. (CVE-2013-0779)\n\n - A heap-based use-after-free error exists in the function\n 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)\n\n - A heap-based use-after-free error exists in the function\n 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)\n\n - A heap-based buffer overflow error exists in the\n function 'nsSaveAsCharset::DoCharsetConversion'.\n (CVE-2013-0782)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-28/\");\n\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Firefox 19.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nkb_base = \"MacOSX/Firefox\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nif (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(product:'firefox', version:version, path:path, esr:FALSE, fix:'19.0', severity:SECURITY_HOLE);", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:03:26", "references": ["https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-28/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/"], "pluginID": "64723", "description": "The installed version of Firefox is earlier than 19.0 and thus, is potentially affected by the following security issues :\n\n - Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)\n\n - An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)\n\n - An error exists related to 'WebIDL' object wrapping that has an unspecified impact. (CVE-2013-0765)\n\n - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)\n\n - The file system location of the active browser profile could be disclosed and used in further attacks.\n (CVE-2013-0774)\n\n - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775)\n\n - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code.\n (CVE-2013-0776)\n\n - A heap-based use-after-free error exists in the function 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)\n\n - An out-of-bounds read error exists in the function 'ClusterIterator::NextCluster'. (CVE-2013-0778)\n\n - An out-of-bounds read error exists in the function 'nsCodingStateMachine::NextState'. (CVE-2013-0779)\n\n - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)\n\n - A heap-based use-after-free error exists in the function 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)\n\n - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'.\n (CVE-2013-0782)", "edition": 6, "reporter": "Tenable", "published": "2013-02-20T00:00:00", "title": "Firefox < 19.0 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MOZILLA_FIREFOX_190.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64723", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64723);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/16 14:09:14\");\n\n script_cve_id(\n \"CVE-2013-0765\",\n \"CVE-2013-0772\",\n \"CVE-2013-0773\",\n \"CVE-2013-0774\",\n \"CVE-2013-0775\",\n \"CVE-2013-0776\",\n \"CVE-2013-0777\",\n \"CVE-2013-0778\",\n \"CVE-2013-0779\",\n \"CVE-2013-0780\",\n \"CVE-2013-0781\",\n \"CVE-2013-0782\",\n \"CVE-2013-0783\",\n \"CVE-2013-0784\"\n );\n script_bugtraq_id(\n 58034,\n 58036,\n 58037,\n 58038,\n 58040,\n 58041,\n 58042,\n 58043,\n 58044,\n 58047,\n 58048,\n 58049,\n 58050,\n 58051\n );\n\n script_name(english:\"Firefox < 19.0 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The installed version of Firefox is earlier than 19.0 and thus, is\npotentially affected by the following security issues :\n\n - Numerous memory safety errors exist. (CVE-2013-0783,\n CVE-2013-0784)\n\n - An out-of-bounds read error exists related to the\n handling of GIF images. (CVE-2013-0772)\n\n - An error exists related to 'WebIDL' object wrapping\n that has an unspecified impact. (CVE-2013-0765)\n\n - An error exists related to Chrome Object Wrappers (COW)\n or System Only Wrappers (SOW) that could allow security\n bypass. (CVE-2013-0773)\n\n - The file system location of the active browser profile\n could be disclosed and used in further attacks.\n (CVE-2013-0774)\n\n - A use-after-free error exists in the function\n 'nsImageLoadingContent'. (CVE-2013-0775)\n\n - Spoofing HTTPS URLs is possible due to an error related\n to proxy '407' responses and embedded script code.\n (CVE-2013-0776)\n\n - A heap-based use-after-free error exists in the function\n 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)\n\n - An out-of-bounds read error exists in the function\n 'ClusterIterator::NextCluster'. (CVE-2013-0778)\n\n - An out-of-bounds read error exists in the function\n 'nsCodingStateMachine::NextState'. (CVE-2013-0779)\n\n - A heap-based use-after-free error exists in the function\n 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)\n\n - A heap-based use-after-free error exists in the function\n 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)\n\n - A heap-based buffer overflow error exists in the\n function 'nsSaveAsCharset::DoCharsetConversion'.\n (CVE-2013-0782)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-28/\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Firefox 19.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Firefox/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\"); \n\ninstalls = get_kb_list(\"SMB/Mozilla/Firefox/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Firefox\");\n\nmozilla_check_version(installs:installs, product:'firefox', esr:FALSE, fix:'19.0', severity:SECURITY_HOLE);", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:48:37", "references": ["https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-28/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/"], "pluginID": "64724", "description": "The installed version of Thunderbird is earlier than 17.0.3 and thus, is potentially affected by the following security issues :\n\n - Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)\n\n - An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)\n\n - An error exists related to 'WebIDL' object wrapping that has an unspecified impact. (CVE-2013-0765)\n\n - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)\n\n - The file system location of the active browser profile could be disclosed and used in further attacks.\n (CVE-2013-0774)\n\n - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775)\n\n - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code.\n (CVE-2013-0776)\n\n - A heap-based use-after-free error exists in the function 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)\n\n - An out-of-bounds read error exists in the function 'ClusterIterator::NextCluster'. (CVE-2013-0778)\n\n - An out-of-bounds read error exists in the function 'nsCodingStateMachine::NextState'. (CVE-2013-0779)\n\n - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)\n\n - A heap-based use-after-free error exists in the function 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)\n\n - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'.\n (CVE-2013-0782)", "edition": 6, "reporter": "Tenable", "published": "2013-02-20T00:00:00", "title": "Mozilla Thunderbird < 17.0.3 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_1703.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64724", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64724);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/16 14:09:15\");\n\n script_cve_id(\n \"CVE-2013-0765\",\n \"CVE-2013-0772\",\n \"CVE-2013-0773\",\n \"CVE-2013-0774\",\n \"CVE-2013-0775\",\n \"CVE-2013-0776\",\n \"CVE-2013-0777\",\n \"CVE-2013-0778\",\n \"CVE-2013-0779\",\n \"CVE-2013-0780\",\n \"CVE-2013-0781\",\n \"CVE-2013-0782\",\n \"CVE-2013-0783\",\n \"CVE-2013-0784\"\n );\n script_bugtraq_id(\n 58034,\n 58036,\n 58037,\n 58038,\n 58040,\n 58041,\n 58042,\n 58043,\n 58044,\n 58047,\n 58048,\n 58049,\n 58050,\n 58051\n );\n\n script_name(english:\"Mozilla Thunderbird < 17.0.3 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Windows host contains a mail client that is potentially\naffected by several vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The installed version of Thunderbird is earlier than 17.0.3 and thus,\nis potentially affected by the following security issues :\n\n - Numerous memory safety errors exist. (CVE-2013-0783,\n CVE-2013-0784)\n\n - An out-of-bounds read error exists related to the\n handling of GIF images. (CVE-2013-0772)\n\n - An error exists related to 'WebIDL' object wrapping\n that has an unspecified impact. (CVE-2013-0765)\n\n - An error exists related to Chrome Object Wrappers (COW)\n or System Only Wrappers (SOW) that could allow security\n bypass. (CVE-2013-0773)\n\n - The file system location of the active browser profile\n could be disclosed and used in further attacks.\n (CVE-2013-0774)\n\n - A use-after-free error exists in the function\n 'nsImageLoadingContent'. (CVE-2013-0775)\n\n - Spoofing HTTPS URLs is possible due to an error related\n to proxy '407' responses and embedded script code.\n (CVE-2013-0776)\n\n - A heap-based use-after-free error exists in the function\n 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)\n\n - An out-of-bounds read error exists in the function\n 'ClusterIterator::NextCluster'. (CVE-2013-0778)\n\n - An out-of-bounds read error exists in the function\n 'nsCodingStateMachine::NextState'. (CVE-2013-0779)\n\n - A heap-based use-after-free error exists in the function\n 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)\n\n - A heap-based use-after-free error exists in the function\n 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)\n\n - A heap-based buffer overflow error exists in the\n function 'nsSaveAsCharset::DoCharsetConversion'.\n (CVE-2013-0782)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-28/\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Thunderbird 17.0.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'17.0.3', severity:SECURITY_HOLE);", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:39:05", "references": ["https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-28/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/", "https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/"], "pluginID": "64726", "description": "The installed version of SeaMonkey is earlier than 2.16 and thus, is potentially affected by the following security issues :\n\n - Numerous memory safety errors exist. (CVE-2013-0783, CVE-2013-0784)\n\n - An out-of-bounds read error exists related to the handling of GIF images. (CVE-2013-0772)\n\n - An error exists related to 'WebIDL' object wrapping that has an unspecified impact. (CVE-2013-0765)\n\n - An error exists related to Chrome Object Wrappers (COW) or System Only Wrappers (SOW) that could allow security bypass. (CVE-2013-0773)\n\n - The file system location of the active browser profile could be disclosed and used in further attacks.\n (CVE-2013-0774)\n\n - A use-after-free error exists in the function 'nsImageLoadingContent'. (CVE-2013-0775)\n\n - Spoofing HTTPS URLs is possible due to an error related to proxy '407' responses and embedded script code.\n (CVE-2013-0776)\n\n - A heap-based use-after-free error exists in the function 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)\n\n - An out-of-bounds read error exists in the function 'ClusterIterator::NextCluster'. (CVE-2013-0778)\n\n - An out-of-bounds read error exists in the function 'nsCodingStateMachine::NextState'. (CVE-2013-0779)\n\n - A heap-based use-after-free error exists in the function 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)\n\n - A heap-based use-after-free error exists in the function 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)\n\n - A heap-based buffer overflow error exists in the function 'nsSaveAsCharset::DoCharsetConversion'.\n (CVE-2013-0782)", "edition": 6, "reporter": "Tenable", "published": "2013-02-20T00:00:00", "title": "SeaMonkey < 2.16 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2018-07-27T00:00:00", "cpe": ["cpe:/a:mozilla:seamonkey"], "id": "SEAMONKEY_216.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64726", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64726);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n\n script_cve_id(\n \"CVE-2013-0765\",\n \"CVE-2013-0772\",\n \"CVE-2013-0773\",\n \"CVE-2013-0774\",\n \"CVE-2013-0775\",\n \"CVE-2013-0776\",\n \"CVE-2013-0777\",\n \"CVE-2013-0778\",\n \"CVE-2013-0779\",\n \"CVE-2013-0780\",\n \"CVE-2013-0781\",\n \"CVE-2013-0782\",\n \"CVE-2013-0783\",\n \"CVE-2013-0784\"\n );\n script_bugtraq_id(\n 58034,\n 58036,\n 58037,\n 58038,\n 58040,\n 58041,\n 58042,\n 58043,\n 58044,\n 58047,\n 58048,\n 58049,\n 58050,\n 58051\n );\n\n script_name(english:\"SeaMonkey < 2.16 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of SeaMonkey\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Windows host contains a web browser that is affected by\nmultiple vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The installed version of SeaMonkey is earlier than 2.16 and thus, is\npotentially affected by the following security issues :\n\n - Numerous memory safety errors exist. (CVE-2013-0783,\n CVE-2013-0784)\n\n - An out-of-bounds read error exists related to the\n handling of GIF images. (CVE-2013-0772)\n\n - An error exists related to 'WebIDL' object wrapping\n that has an unspecified impact. (CVE-2013-0765)\n\n - An error exists related to Chrome Object Wrappers (COW)\n or System Only Wrappers (SOW) that could allow security\n bypass. (CVE-2013-0773)\n\n - The file system location of the active browser profile\n could be disclosed and used in further attacks.\n (CVE-2013-0774)\n\n - A use-after-free error exists in the function\n 'nsImageLoadingContent'. (CVE-2013-0775)\n\n - Spoofing HTTPS URLs is possible due to an error related\n to proxy '407' responses and embedded script code.\n (CVE-2013-0776)\n\n - A heap-based use-after-free error exists in the function\n 'nsDisplayBoxShadowOuter::Paint'. (CVE-2013-0777)\n\n - An out-of-bounds read error exists in the function\n 'ClusterIterator::NextCluster'. (CVE-2013-0778)\n\n - An out-of-bounds read error exists in the function\n 'nsCodingStateMachine::NextState'. (CVE-2013-0779)\n\n - A heap-based use-after-free error exists in the function\n 'nsOverflowContinuationTracker::Finish'. (CVE-2013-0780)\n\n - A heap-based use-after-free error exists in the function\n 'nsPrintEngine::CommonPrint'. (CVE-2013-0781)\n\n - A heap-based buffer overflow error exists in the\n function 'nsSaveAsCharset::DoCharsetConversion'.\n (CVE-2013-0782)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-21/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-22/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-23/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-24/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-25/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-26/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-27/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2013-28/\");\n\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to SeaMonkey 2.16 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:seamonkey\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"SeaMonkey/Version\");\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item(\"SMB/transport\");\nif (!port) port = 445;\n\ninstalls = get_kb_list(\"SMB/SeaMonkey/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"SeaMonkey\");\n\nmozilla_check_version(installs:installs, product:'seamonkey', fix:'2.16', severity:SECURITY_HOLE);", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:40:07", "references": ["http://www.nessus.org/u?faedc1ca"], "pluginID": "64779", "description": "Several flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-0775, CVE-2013-0780, CVE-2013-0782, CVE-2013-0783)\n\nIt was found that, after canceling a proxy server's authentication prompt, the address bar continued to show the requested site's address. An attacker could use this flaw to conduct phishing attacks by tricking a user into believing they are viewing trusted content.\n(CVE-2013-0776)\n\nNote: All issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.\n\nImportant: This erratum upgrades Thunderbird to version 17.0.3 ESR.\nThunderbird 17 is not completely backwards-compatible with all Mozilla add-ons and Thunderbird plug-ins that worked with Thunderbird 10.0.\nThunderbird 17 checks compatibility on first-launch, and, depending on the individual configuration and the installed add-ons and plug-ins, may disable said Add-ons and plug-ins, or attempt to check for updates and upgrade them. Add-ons and plug-ins may have to be manually updated.\n\nAfter installing the update, Thunderbird must be restarted for the changes to take effect.", "edition": 4, "reporter": "Tenable", "published": "2013-02-21T00:00:00", "title": "Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0782", "CVE-2013-0775", "CVE-2013-0776"], "modified": "2014-08-16T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20130219_THUNDERBIRD_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=64779", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64779);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2014/08/16 19:47:28 $\");\n\n script_cve_id(\"CVE-2013-0775\", \"CVE-2013-0776\", \"CVE-2013-0780\", \"CVE-2013-0782\", \"CVE-2013-0783\");\n\n script_name(english:\"Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially,\nexecute arbitrary code with the privileges of the user running\nThunderbird. (CVE-2013-0775, CVE-2013-0780, CVE-2013-0782,\nCVE-2013-0783)\n\nIt was found that, after canceling a proxy server's authentication\nprompt, the address bar continued to show the requested site's\naddress. An attacker could use this flaw to conduct phishing attacks\nby tricking a user into believing they are viewing trusted content.\n(CVE-2013-0776)\n\nNote: All issues cannot be exploited by a specially crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. They\ncould be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nImportant: This erratum upgrades Thunderbird to version 17.0.3 ESR.\nThunderbird 17 is not completely backwards-compatible with all Mozilla\nadd-ons and Thunderbird plug-ins that worked with Thunderbird 10.0.\nThunderbird 17 checks compatibility on first-launch, and, depending on\nthe individual configuration and the installed add-ons and plug-ins,\nmay disable said Add-ons and plug-ins, or attempt to check for updates\nand upgrade them. Add-ons and plug-ins may have to be manually\nupdated.\n\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1302&L=scientific-linux-errata&T=0&P=3210\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?faedc1ca\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"thunderbird-17.0.3-1.el5_9\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"thunderbird-debuginfo-17.0.3-1.el5_9\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-17.0.3-1.el6_3\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"thunderbird-debuginfo-17.0.3-1.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:43:04", "references": ["https://bugzilla.novell.com/796895", "https://bugzilla.novell.com/804248"], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-devel-debuginfo", "packageFilename": "xulrunner-devel-debuginfo-17.0.3-2.30.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-translations-other", "packageFilename": "seamonkey-translations-other-2.16-2.34.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-17.0.3-49.31.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-devel-debuginfo", "packageFilename": "MozillaThunderbird-devel-debuginfo-17.0.3-33.51.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-buildsymbols", "packageFilename": "MozillaThunderbird-buildsymbols-17.0.3-33.51.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-buildsymbols", "packageFilename": "MozillaThunderbird-buildsymbols-17.0.3-49.31.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.16-2.34.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-2.57.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "1.5.1+17.0.3-33.51.1", "packageName": "enigmail-debuginfo", "packageFilename": "enigmail-debuginfo-1.5.1+17.0.3-33.51.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-debuginfo", "packageFilename": "MozillaThunderbird-debuginfo-17.0.3-33.51.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-translations-other", "packageFilename": "seamonkey-translations-other-2.16-2.53.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-2.30.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-debugsource", "packageFilename": "seamonkey-debugsource-2.16-2.53.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-debugsource", "packageFilename": "xulrunner-debugsource-17.0.3-2.57.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.16-2.34.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-17.0.3-33.51.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-17.0.3-33.51.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-debugsource", "packageFilename": "MozillaThunderbird-debugsource-17.0.3-49.31.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-19.0-2.33.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "1.5.1+17.0.3-49.31.1", "packageName": "enigmail", "packageFilename": "enigmail-1.5.1+17.0.3-49.31.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-debugsource", "packageFilename": "seamonkey-debugsource-2.16-2.53.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.0-2.14.3", "packageName": "chmsee", "packageFilename": "chmsee-2.0-2.14.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-17.0.3-49.31.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.0-2.32.3", "packageName": "chmsee-debugsource", "packageFilename": "chmsee-debugsource-2.0-2.32.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-19.0-2.33.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-buildsymbols", "packageFilename": "MozillaFirefox-buildsymbols-19.0-2.62.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-17.0.3-49.31.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-buildsymbols", "packageFilename": "MozillaFirefox-buildsymbols-19.0-2.33.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-19.0-2.33.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-17.0.3-33.51.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-translations-common", "packageFilename": "seamonkey-translations-common-2.16-2.53.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-2.57.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-translations-common", "packageFilename": "seamonkey-translations-common-2.16-2.34.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-19.0-2.62.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-translations-other", "packageFilename": "seamonkey-translations-other-2.16-2.53.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-19.0-2.33.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-debuginfo", "packageFilename": "seamonkey-debuginfo-2.16-2.34.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-buildsymbols", "packageFilename": "MozillaThunderbird-buildsymbols-17.0.3-49.31.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-debugsource", "packageFilename": "MozillaFirefox-debugsource-19.0-2.33.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-19.0-2.62.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "mozilla-js-32bit", "packageFilename": "mozilla-js-32bit-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-debugsource", "packageFilename": "MozillaFirefox-debugsource-19.0-2.33.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.0-2.14.3", "packageName": "chmsee-debugsource", "packageFilename": "chmsee-debugsource-2.0-2.14.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-19.0-2.62.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.16-2.53.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "1.5.1+17.0.3-33.51.1", "packageName": "enigmail", "packageFilename": "enigmail-1.5.1+17.0.3-33.51.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.16-2.53.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-devel", "packageFilename": "MozillaFirefox-devel-19.0-2.33.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-debugsource", "packageFilename": "xulrunner-debugsource-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-19.0-2.62.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-2.30.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-17.0.3-49.31.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "mozilla-js-debuginfo-32bit", "packageFilename": "mozilla-js-debuginfo-32bit-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-2.30.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-debugsource", "packageFilename": "MozillaThunderbird-debugsource-17.0.3-33.51.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-translations-other", "packageFilename": "MozillaFirefox-translations-other-19.0-2.62.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey", "packageFilename": "seamonkey-2.16-2.34.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "mozilla-js-debuginfo", "packageFilename": "mozilla-js-debuginfo-17.0.3-2.30.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-buildsymbols", "packageFilename": "MozillaFirefox-buildsymbols-19.0-2.62.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.0-2.32.3", "packageName": "chmsee", "packageFilename": "chmsee-2.0-2.32.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-devel-debuginfo", "packageFilename": "MozillaThunderbird-devel-debuginfo-17.0.3-49.31.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.16-2.53.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "mozilla-js-32bit", "packageFilename": "mozilla-js-32bit-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-19.0-2.62.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-debugsource", "packageFilename": "MozillaThunderbird-debugsource-17.0.3-49.31.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "1.5.1+17.0.3-49.31.1", "packageName": "enigmail-debuginfo", "packageFilename": "enigmail-debuginfo-1.5.1+17.0.3-49.31.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-debuginfo", "packageFilename": "MozillaThunderbird-debuginfo-17.0.3-49.31.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-19.0-2.33.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-devel-debuginfo", "packageFilename": "MozillaThunderbird-devel-debuginfo-17.0.3-33.51.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-buildsymbols", "packageFilename": "xulrunner-buildsymbols-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "1.5.1+17.0.3-49.31.1", "packageName": "enigmail-debuginfo", "packageFilename": "enigmail-debuginfo-1.5.1+17.0.3-49.31.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-17.0.3-49.31.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-17.0.3-33.51.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-17.0.3-49.31.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "mozilla-js-x86", "packageFilename": "mozilla-js-x86-17.0.3-2.57.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-devel-debuginfo", "packageFilename": "xulrunner-devel-debuginfo-17.0.3-2.57.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.16-2.53.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "1.5.1+17.0.3-33.51.1", "packageName": "enigmail", "packageFilename": "enigmail-1.5.1+17.0.3-33.51.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-19.0-2.62.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey", "packageFilename": "seamonkey-2.16-2.34.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-32bit", "packageFilename": "xulrunner-32bit-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-x86", "packageFilename": "xulrunner-x86-17.0.3-2.57.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.0-2.32.3", "packageName": "chmsee-debugsource", "packageFilename": "chmsee-debugsource-2.0-2.32.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-devel", "packageFilename": "MozillaFirefox-devel-19.0-2.62.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.16-2.34.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-devel", "packageFilename": "MozillaFirefox-devel-19.0-2.62.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "mozilla-js-debuginfo", "packageFilename": "mozilla-js-debuginfo-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.0-2.32.3", "packageName": "chmsee-debuginfo", "packageFilename": "chmsee-debuginfo-2.0-2.32.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.16-2.53.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-devel", "packageFilename": "MozillaFirefox-devel-19.0-2.33.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-debugsource", "packageFilename": "xulrunner-debugsource-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-debuginfo-x86", "packageFilename": "xulrunner-debuginfo-x86-17.0.3-2.57.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-debugsource", "packageFilename": "seamonkey-debugsource-2.16-2.34.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "1.5.1+17.0.3-49.31.1", "packageName": "enigmail", "packageFilename": "enigmail-1.5.1+17.0.3-49.31.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "mozilla-js", "packageFilename": "mozilla-js-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-32bit", "packageFilename": "xulrunner-32bit-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-debugsource", "packageFilename": "MozillaFirefox-debugsource-19.0-2.62.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-debuginfo-32bit", "packageFilename": "xulrunner-debuginfo-32bit-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.16-2.34.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-dom-inspector", "packageFilename": "seamonkey-dom-inspector-2.16-2.34.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-19.0-2.33.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-debugsource", "packageFilename": "MozillaThunderbird-debugsource-17.0.3-33.51.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.0-2.32.3", "packageName": "chmsee", "packageFilename": "chmsee-2.0-2.32.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "mozilla-js-debuginfo", "packageFilename": "mozilla-js-debuginfo-17.0.3-2.57.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "mozilla-js", "packageFilename": "mozilla-js-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-19.0-2.33.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.0-2.14.3", "packageName": "chmsee", "packageFilename": "chmsee-2.0-2.14.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-19.0-2.33.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-debugsource", "packageFilename": "xulrunner-debugsource-17.0.3-2.30.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-debuginfo", "packageFilename": "seamonkey-debuginfo-2.16-2.34.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-debuginfo", "packageFilename": "seamonkey-debuginfo-2.16-2.53.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "mozilla-js", "packageFilename": "mozilla-js-17.0.3-2.57.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-19.0-2.33.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-translations-common", "packageFilename": "MozillaThunderbird-translations-common-17.0.3-33.51.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-buildsymbols", "packageFilename": "MozillaFirefox-buildsymbols-19.0-2.33.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "mozilla-js-debuginfo-x86", "packageFilename": "mozilla-js-debuginfo-x86-17.0.3-2.57.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-buildsymbols", "packageFilename": "xulrunner-buildsymbols-17.0.3-2.57.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.0-2.14.3", "packageName": "chmsee-debugsource", "packageFilename": "chmsee-debugsource-2.0-2.14.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-devel-debuginfo", "packageFilename": "xulrunner-devel-debuginfo-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "mozilla-js-debuginfo", "packageFilename": "mozilla-js-debuginfo-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "19.0-2.33.1", "packageName": "MozillaFirefox-translations-common", "packageFilename": "MozillaFirefox-translations-common-19.0-2.33.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-19.0-2.62.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "mozilla-js-debuginfo-32bit", "packageFilename": "mozilla-js-debuginfo-32bit-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.0-2.14.3", "packageName": "chmsee-debuginfo", "packageFilename": "chmsee-debuginfo-2.0-2.14.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-17.0.3-33.51.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-2.57.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.0-2.32.3", "packageName": "chmsee-debuginfo", "packageFilename": "chmsee-debuginfo-2.0-2.32.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-buildsymbols", "packageFilename": "xulrunner-buildsymbols-17.0.3-2.30.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-debuginfo", "packageFilename": "MozillaThunderbird-debuginfo-17.0.3-49.31.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.0-2.14.3", "packageName": "chmsee-debuginfo", "packageFilename": "chmsee-debuginfo-2.0-2.14.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-devel", "packageFilename": "MozillaThunderbird-devel-17.0.3-49.31.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-translations-other", "packageFilename": "seamonkey-translations-other-2.16-2.34.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-debuginfo", "packageFilename": "MozillaFirefox-debuginfo-19.0-2.62.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-buildsymbols", "packageFilename": "xulrunner-buildsymbols-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-2.57.1", "packageName": "xulrunner-devel-debuginfo", "packageFilename": "xulrunner-devel-debuginfo-17.0.3-2.57.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-17.0.3-33.51.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-debugsource", "packageFilename": "seamonkey-debugsource-2.16-2.34.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-translations-common", "packageFilename": "seamonkey-translations-common-2.16-2.34.2.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-translations-common", "packageFilename": "seamonkey-translations-common-2.16-2.53.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox-debugsource", "packageFilename": "MozillaFirefox-debugsource-19.0-2.62.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-debuginfo", "packageFilename": "seamonkey-debuginfo-2.16-2.53.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-buildsymbols", "packageFilename": "MozillaThunderbird-buildsymbols-17.0.3-33.51.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-debuginfo", "packageFilename": "MozillaThunderbird-debuginfo-17.0.3-33.51.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey", "packageFilename": "seamonkey-2.16-2.53.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "xulrunner-debuginfo-32bit", "packageFilename": "xulrunner-debuginfo-32bit-17.0.3-2.30.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "1.5.1+17.0.3-33.51.1", "packageName": "enigmail-debuginfo", "packageFilename": "enigmail-debuginfo-1.5.1+17.0.3-33.51.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird", "packageFilename": "MozillaThunderbird-17.0.3-49.31.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-venkman", "packageFilename": "seamonkey-venkman-2.16-2.53.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "2.16-2.34.2", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.16-2.34.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-2.30.1", "packageName": "mozilla-js", "packageFilename": "mozilla-js-17.0.3-2.30.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "2.16-2.53.1", "packageName": "seamonkey-irc", "packageFilename": "seamonkey-irc-2.16-2.53.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.2", "packageVersion": "17.0.3-49.31.1", "packageName": "MozillaThunderbird-devel-debuginfo", "packageFilename": "MozillaThunderbird-devel-debuginfo-17.0.3-49.31.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "17.0.3-33.51.1", "packageName": "MozillaThunderbird-translations-other", "packageFilename": "MozillaThunderbird-translations-other-17.0.3-33.51.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "12.1", "packageVersion": "19.0-2.62.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-19.0-2.62.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "MozillaFirefox was updated to Firefox 19.0 (bnc#804248)\n MozillaThunderbird was updated to Thunderbird 17.0.3\n (bnc#804248) seamonkey was updated to SeaMonkey 2.16\n (bnc#804248) xulrunner was updated to 17.0.3esr\n (bnc#804248) chmsee was updated to version 2.0.\n\n Changes in MozillaFirefox 19.0:\n * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous\n memory safety hazards\n * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds\n read in image rendering\n * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL\n objects can be wrapped again\n * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/\n CVE-2013-0778/CVE-2013-0779/CVE-2013-0781\n Use-after-free, out of bounds read, and buffer overflow\n issues found using Address Sanitizer\n - removed obsolete patches\n * mozilla-webrtc.patch\n * mozilla-gstreamer-803287.patch\n - added patch to fix session restore window order\n (bmo#712763)\n\n - update to Firefox 18.0.2\n * blocklist and CTP updates\n * fixes in JS engine\n\n - update to Firefox 18.0.1\n * blocklist updates\n * backed out bmo#677092 (removed patch)\n * fixed problems involving HTTP proxy transactions\n\n - Fix WebRTC to build on powerpc\n\n Changes in MozillaThunderbird:\n - update to Thunderbird 17.0.3 (bnc#804248)\n * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety\n hazards\n * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782\n Use-after-free, out of bounds read, and buffer overflow\n issues found using Address Sanitizer\n\n - update Enigmail to 1.5.1\n * The release fixes the regressions found in the past few\n weeks\n\n Changes in seamonkey:\n - update to SeaMonkey 2.16 (bnc#804248)\n * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous\n memory safety hazards\n * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds\n read in image rendering\n * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL\n objects can be wrapped again\n * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/\n CVE-2013-0778/CVE-2013-0779/CVE-2013-0781\n Use-after-free, out of bounds read, and buffer overflow\n issues found using Address Sanitizer\n - removed obsolete patches\n * mozilla-webrtc.patch\n * mozilla-gstreamer-803287.patch\n\n - update to SeaMonkey 2.15.2\n * Applications could not be removed from the "Application\n details" dialog under Preferences, Helper Applications\n (bmo#826771).\n * View / Message Body As could show menu items out of\n context (bmo#831348)\n\n - update to SeaMonkey 2.15.1\n * backed out bmo#677092 (removed patch)\n * fixed problems involving HTTP proxy transactions\n\n - backed out restartless language packs as it broke\n multi-locale setup (bmo#677092, bmo#818468)\n\n Changes in xulrunner:\n - update to 17.0.3esr (bnc#804248)\n * MFSA 2013-21/CVE-2013-0783 Miscellaneous memory safety\n hazards\n * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content\n bypass of COW and SOW security wrappers\n * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in\n JavaScript Workers\n * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free\n in nsImageLoadingContent\n * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on\n HTTPS connection through malicious proxy\n * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782\n Use-after-free, out of bounds read, and buffer overflow\n issues found using Address Sanitizer\n\n", "edition": 1, "reporter": "Suse", "published": "2013-02-22T14:04:25", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "suse", "title": "Mozilla: February 2013 update round (Firefox 19) (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2013-02-22T14:04:25", "id": "OPENSUSE-SU-2013:0323-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:25:25", "references": ["https://bugzilla.novell.com/804248", "http://download.novell.com/patch/finder/?keywords=8807d796dff1dcb5ceabc4ae693cc9c4", "https://bugzilla.novell.com/806669"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-0.3.8-56.51.1.i586.rpm", "packageName": "beagle", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-32bit-4.9.5-0.3.2.ppc64.rpm", "packageName": "mozilla-nspr-32bit", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-devel-3.14.2-0.4.3.2.s390x.rpm", "packageName": "mozilla-nss-devel", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-lang-0.3.8-56.51.1.x86_64.rpm", "packageName": "beagle-lang", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-32bit-3.14.2-0.4.3.2.ppc64.rpm", "packageName": "mozilla-nss-32bit", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-17.0.3esr-0.4.4.1.ia64.rpm", "packageName": "MozillaFirefox", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-devel-4.9.5-0.3.2.ia64.rpm", "packageName": "mozilla-nspr-devel", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-3.14.2-0.4.3.2.s390x.rpm", "packageName": "mozilla-nss", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "7-0.6.9.5", "packageFilename": "MozillaFirefox-branding-SLED-7-0.6.9.5.i586.rpm", "packageName": "MozillaFirefox-branding-SLED", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-3.14.2-0.4.3.2.ppc64.rpm", "packageName": "mozilla-nss", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-3.14.2-0.4.3.2.ia64.rpm", "packageName": "mozilla-nss", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-devel-0.3.8-56.51.1.x86_64.rpm", "packageName": "beagle-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-tools-3.14.2-0.4.3.2.i586.rpm", "packageName": "mozilla-nss-tools", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-3.14.2-0.4.3.2.i586.rpm", "packageName": "mozilla-nss", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-devel-3.14.2-0.4.3.2.ppc64.rpm", "packageName": "mozilla-nss-devel", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-32bit-4.9.5-0.3.2.s390x.rpm", "packageName": "mozilla-nspr-32bit", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "7-0.6.9.5", "packageFilename": "MozillaFirefox-branding-SLED-7-0.6.9.5.x86_64.rpm", "packageName": "MozillaFirefox-branding-SLED", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "mozilla-nss", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.5-1.47.51.5", "packageFilename": "mhtml-firefox-0.5-1.47.51.5.i586.rpm", "packageName": "mhtml-firefox", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-x86-4.9.5-0.3.2.ia64.rpm", "packageName": "mozilla-nspr-x86", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-32bit-4.9.5-0.3.2.x86_64.rpm", "packageName": "mozilla-nspr-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-tools-3.14.2-0.4.3.2.ppc64.rpm", "packageName": "mozilla-nss-tools", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-tools-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "mozilla-nss-tools", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-tools-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "mozilla-nss-tools", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-translations-17.0.3esr-0.4.4.1.s390x.rpm", "packageName": "MozillaFirefox-translations", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.5-1.47.51.5", "packageFilename": "mhtml-firefox-0.5-1.47.51.5.x86_64.rpm", "packageName": "mhtml-firefox", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-3.14.2-0.4.3.2.i586.rpm", "packageName": "libfreebl3", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-4.9.5-0.3.2.ia64.rpm", "packageName": "mozilla-nspr", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-32bit-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "libfreebl3-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "0.3.8-56.44.45.129", "packageFilename": "beagle-lang-0.3.8-56.44.45.129.s390x.rpm", "packageName": "beagle-lang", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-4.9.5-0.3.2.i586.rpm", "packageName": "mozilla-nspr", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "0.3.8-56.44.45.129", "packageFilename": "beagle-lang-0.3.8-56.44.45.129.i586.rpm", "packageName": "beagle-lang", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-32bit-3.14.2-0.4.3.2.s390x.rpm", "packageName": "mozilla-nss-32bit", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-translations-17.0.3esr-0.4.4.1.x86_64.rpm", "packageName": "MozillaFirefox-translations", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-3.14.2-0.4.3.2.i586.rpm", "packageName": "mozilla-nss", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-32bit-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "mozilla-nss-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-3.14.2-0.4.3.2.i586.rpm", "packageName": "mozilla-nss", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-translations-17.0.3esr-0.4.4.1.ia64.rpm", "packageName": "MozillaFirefox-translations", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "7-0.6.9.5", "packageFilename": "MozillaFirefox-branding-SLED-7-0.6.9.5.s390x.rpm", "packageName": "MozillaFirefox-branding-SLED", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-translations-17.0.3esr-0.4.4.1.i586.rpm", "packageName": "MozillaFirefox-translations", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-devel-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "mozilla-nss-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-evolution-0.3.8-56.51.1.x86_64.rpm", "packageName": "beagle-evolution", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-0.3.8-56.51.1.x86_64.rpm", "packageName": "beagle", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-32bit-4.9.5-0.3.2.x86_64.rpm", "packageName": "mozilla-nspr-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "0.3.8-56.44.45.129", "packageFilename": "beagle-lang-0.3.8-56.44.45.129.ia64.rpm", "packageName": "beagle-lang", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "0.3.8-56.44.45.129", "packageFilename": "beagle-lang-0.3.8-56.44.45.129.x86_64.rpm", "packageName": "beagle-lang", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-devel-0.3.8-56.51.1.i586.rpm", "packageName": "beagle-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-3.14.2-0.4.3.2.i586.rpm", "packageName": "libfreebl3", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-0.3.8-56.51.1.s390x.rpm", "packageName": "beagle", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-devel-4.9.5-0.3.2.i586.rpm", "packageName": "mozilla-nspr-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-17.0.3esr-0.4.4.1.i586.rpm", "packageName": "MozillaFirefox", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "7-0.6.9.5", "packageFilename": "MozillaFirefox-branding-SLED-7-0.6.9.5.ia64.rpm", "packageName": "MozillaFirefox-branding-SLED", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-32bit-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "mozilla-nss-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-firefox-0.3.8-56.51.1.i586.rpm", "packageName": "beagle-firefox", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-3.14.2-0.4.3.2.ppc64.rpm", "packageName": "libfreebl3", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "libfreebl3", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-17.0.3esr-0.4.4.1.s390x.rpm", "packageName": "MozillaFirefox", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-tools-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "mozilla-nss-tools", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "7-0.6.9.5", "packageFilename": "MozillaFirefox-branding-SLED-7-0.6.9.5.ppc64.rpm", "packageName": "MozillaFirefox-branding-SLED", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-translations-17.0.3esr-0.4.4.1.i586.rpm", "packageName": "MozillaFirefox-translations", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-devel-4.9.5-0.3.2.ppc64.rpm", "packageName": "mozilla-nspr-devel", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-32bit-4.9.5-0.3.2.x86_64.rpm", "packageName": "mozilla-nspr-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-17.0.3esr-0.4.4.1.x86_64.rpm", "packageName": "MozillaFirefox", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-tools-3.14.2-0.4.3.2.i586.rpm", "packageName": "mozilla-nss-tools", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-4.9.5-0.3.2.i586.rpm", "packageName": "mozilla-nspr", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "7-0.6.9.5", "packageFilename": "MozillaFirefox-branding-SLED-7-0.6.9.5.x86_64.rpm", "packageName": "MozillaFirefox-branding-SLED", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-translations-17.0.3esr-0.4.4.1.x86_64.rpm", "packageName": "MozillaFirefox-translations", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-translations-17.0.3esr-0.4.4.1.i586.rpm", "packageName": "MozillaFirefox-translations", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-gui-0.3.8-56.51.1.x86_64.rpm", "packageName": "beagle-gui", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-translations-17.0.3esr-0.4.4.1.ppc64.rpm", "packageName": "MozillaFirefox-translations", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-32bit-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "libfreebl3-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-32bit-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "mozilla-nss-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-translations-17.0.3esr-0.4.4.1.x86_64.rpm", "packageName": "MozillaFirefox-translations", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-0.3.8-56.51.1.ia64.rpm", "packageName": "beagle", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-3.14.2-0.4.3.2.ia64.rpm", "packageName": "libfreebl3", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-3.14.2-0.4.3.2.i586.rpm", "packageName": "libfreebl3", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-devel-3.14.2-0.4.3.2.i586.rpm", "packageName": "mozilla-nss-devel", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "mozilla-nss", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "libfreebl3", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-evolution-0.3.8-56.51.1.i586.rpm", "packageName": "beagle-evolution", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-17.0.3esr-0.4.4.1.i586.rpm", "packageName": "MozillaFirefox", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-0.3.8-56.51.1.i586.rpm", "packageName": "beagle", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-17.0.3esr-0.4.4.1.x86_64.rpm", "packageName": "MozillaFirefox", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-firefox-0.3.8-56.51.1.x86_64.rpm", "packageName": "beagle-firefox", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-4.9.5-0.3.2.s390x.rpm", "packageName": "mozilla-nspr", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-devel-3.14.2-0.4.3.2.ia64.rpm", "packageName": "mozilla-nss-devel", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-17.0.3esr-0.4.4.1.i586.rpm", "packageName": "MozillaFirefox", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-tools-3.14.2-0.4.3.2.ia64.rpm", "packageName": "mozilla-nss-tools", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-x86-3.14.2-0.4.3.2.ia64.rpm", "packageName": "mozilla-nss-x86", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "7-0.6.9.5", "packageFilename": "MozillaFirefox-branding-SLED-7-0.6.9.5.i586.rpm", "packageName": "MozillaFirefox-branding-SLED", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-gui-0.3.8-56.51.1.i586.rpm", "packageName": "beagle-gui", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-32bit-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "libfreebl3-32bit", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "mozilla-nss", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-4.9.5-0.3.2.i586.rpm", "packageName": "mozilla-nspr", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-3.14.2-0.4.3.2.x86_64.rpm", "packageName": "libfreebl3", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-devel-4.9.5-0.3.2.s390x.rpm", "packageName": "mozilla-nspr-devel", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-4.9.5-0.3.2.x86_64.rpm", "packageName": "mozilla-nspr", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-4.9.5-0.3.2.x86_64.rpm", "packageName": "mozilla-nspr", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-x86-3.14.2-0.4.3.2.ia64.rpm", "packageName": "libfreebl3-x86", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-32bit-3.14.2-0.4.3.2.ppc64.rpm", "packageName": "libfreebl3-32bit", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-32bit-3.14.2-0.4.3.2.s390x.rpm", "packageName": "libfreebl3-32bit", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-devel-4.9.5-0.3.2.x86_64.rpm", "packageName": "mozilla-nspr-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "libfreebl3-3.14.2-0.4.3.2.s390x.rpm", "packageName": "libfreebl3", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-tools-3.14.2-0.4.3.2.i586.rpm", "packageName": "mozilla-nss-tools", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-4.9.5-0.3.2.ppc64.rpm", "packageName": "mozilla-nspr", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-17.0.3esr-0.4.4.1.x86_64.rpm", "packageName": "MozillaFirefox", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-0.3.8-56.51.1.x86_64.rpm", "packageName": "beagle", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "3.14.2-0.4.3.2", "packageFilename": "mozilla-nss-tools-3.14.2-0.4.3.2.s390x.rpm", "packageName": "mozilla-nss-tools", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "11.2", "packageVersion": "0.3.8-56.51.1", "packageFilename": "beagle-lang-0.3.8-56.51.1.i586.rpm", "packageName": "beagle-lang", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.2", "packageVersion": "17.0.3esr-0.4.4.1", "packageFilename": "MozillaFirefox-17.0.3esr-0.4.4.1.ppc64.rpm", "packageName": "MozillaFirefox", "arch": "ppc64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for VMware", "OSVersion": "11.2", "packageVersion": "4.9.5-0.3.2", "packageFilename": "mozilla-nspr-4.9.5-0.3.2.x86_64.rpm", "packageName": "mozilla-nspr", "arch": "x86_64", "operator": "lt"}], "description": "MozillaFirefox has been updated to the 17.0.3ESR release.\n\n Important: due to compatibility issues, the Beagle plug-in\n for MozillaFirefox is temporarily disabled by this update.\n\n Besides the major version update from the 10ESR stable\n release line to the 17ESR stable release line, this update\n brings critical security and bugfixes:\n\n *\n\n MFSA 2013-28: Security researcher Abhishek Arya\n (Inferno) of the Google Chrome Security Team used the\n Address Sanitizer tool to discover a series of\n use-after-free, out of bounds read, and buffer overflow\n problems rated as low to critical security issues in\n shipped software. Some of these issues are potentially\n exploitable, allowing for remote code execution. We would\n also like to thank Abhishek for reporting four additional\n use-after-free and out of bounds write flaws introduced\n during Firefox development that were fixed before general\n release.\n\n *\n\n The following issues have been fixed in Firefox 19\n and ESR 17.0.3:\n\n o Heap-use-after-free in\n nsOverflowContinuationTracker::Finish, with -moz-columns\n (CVE-2013-0780) o Heap-buffer-overflow WRITE in\n nsSaveAsCharset::DoCharsetConversion (CVE-2013-0782)\n *\n\n MFSA 2013-27 / CVE-2013-0776: Google security\n researcher Michal Zalewski reported an issue where the\n browser displayed the content of a proxy's 407 response if\n a user canceled the proxy's authentication prompt. In this\n circumstance, the addressbar will continue to show the\n requested site's address, including HTTPS addresses that\n appear to be secure. This spoofing of addresses can be used\n for phishing attacks by fooling users into entering\n credentials, for example.\n\n *\n\n MFSA 2013-26 / CVE-2013-0775: Security researcher\n Nils reported a use-after-free in nsImageLoadingContent\n when content script is executed. This could allow for\n arbitrary code execution.\n\n *\n\n MFSA 2013-25 / CVE-2013-0774: Mozilla security\n researcher Frederik Braun discovered that since Firefox 15\n the file system location of the active browser profile was\n available to JavaScript workers. While not dangerous by\n itself, this could potentially be combined with other\n vulnerabilities to target the profile in an attack.\n\n *\n\n MFSA 2013-24 / CVE-2013-0773: Mozilla developer Bobby\n Holley discovered that it was possible to bypass some\n protections in Chrome Object Wrappers (COW) and System Only\n Wrappers (SOW), making their prototypes mutable by web\n content. This could be used leak information from chrome\n objects and possibly allow for arbitrary code execution.\n\n *\n\n MFSA 2013-23 / CVE-2013-0765: Mozilla developer Boris\n Zbarsky reported that in some circumstances a wrapped\n WebIDL object can be wrapped multiple times, overwriting\n the existing wrapped state. This could lead to an\n exploitable condition in rare cases.\n\n *\n\n MFSA 2013-22 / CVE-2013-0772: Using the Address\n Sanitizer tool, security researcher Atte Kettunen from\n OUSPG found an out-of-bounds read while rendering GIF\n format images. This could cause a non-exploitable crash and\n could also attempt to render normally inaccesible data as\n part of the image.\n\n *\n\n MFSA 2013-21: Mozilla developers identified and fixed\n several memory safety bugs in the browser engine used in\n Firefox and other Mozilla-based products. Some of these\n bugs showed evidence of memory corruption under certain\n circumstances, and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code.\n\n Olli Pettay, Christoph Diehl, Gary Kwong, Jesse\n Ruderman, Andrew McCreight, Joe Drew, and Wayne Mery\n reported memory safety problems and crashes that affect\n Firefox ESR 17, and Firefox 18.\n\n *\n\n Memory safety bugs fixed in Firefox ESR 17.0.3, and\n Firefox 19 (CVE-2013-0783).\n", "edition": 1, "reporter": "Suse", "published": "2013-03-08T22:04:48", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "type": "suse", "title": "Security update for Mozilla Firefox (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0775", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0772"], "modified": "2013-03-08T22:04:48", "id": "SUSE-SU-2013:0410-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00008.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:17:56", "references": ["http://download.novell.com/patch/finder/?keywords=e8a17727b5ca4754a7c066ed49b6d2d9", "https://bugzilla.novell.com/808243", "https://bugzilla.novell.com/804248"], "affectedPackage": [{"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "2.6.8-0.9.1", "packageName": "firefox3-python-base", "packageFilename": "firefox3-python-base-2.6.8-0.9.1.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-devel", "packageFilename": "mozilla-nss-devel-3.14.1-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.4-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-devel", "packageFilename": "mozilla-nss-devel-3.14.1-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.4-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.4-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.4-0.6.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.4-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss", "packageFilename": "mozilla-nss-3.14.1-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-17.0.4esr-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.4-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "7-0.10.4", "packageName": "MozillaFirefox-branding-SLED", "packageFilename": "MozillaFirefox-branding-SLED-7-0.10.4.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss", "packageFilename": "mozilla-nss-3.14.1-0.6.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-devel", "packageFilename": "mozilla-nss-devel-3.14.1-0.6.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "2.6.8-0.9.1", "packageName": "firefox3-python-base", "packageFilename": "firefox3-python-base-2.6.8-0.9.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss", "packageFilename": "mozilla-nss-3.14.1-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "7-0.10.4", "packageName": "MozillaFirefox-branding-SLED", "packageFilename": "MozillaFirefox-branding-SLED-7-0.10.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-32bit", "packageFilename": "mozilla-nss-32bit-3.14.1-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-x86", "packageFilename": "mozilla-nspr-x86-4.9.4-0.6.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.4-0.6.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-17.0.4esr-0.7.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.4-0.6.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-64bit", "packageFilename": "mozilla-nspr-64bit-4.9.4-0.6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-17.0.4esr-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.4-0.6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-devel", "packageFilename": "mozilla-nss-devel-3.14.1-0.6.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-17.0.4esr-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-17.0.4esr-0.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss", "packageFilename": "mozilla-nss-3.14.1-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-x86", "packageFilename": "mozilla-nss-x86-3.14.1-0.6.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-17.0.4esr-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.4-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.4-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "0.5-1.13.4", "packageName": "mhtml-firefox", "packageFilename": "mhtml-firefox-0.5-1.13.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-17.0.4esr-0.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-17.0.4esr-0.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.4-0.6.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-32bit", "packageFilename": "mozilla-nss-32bit-3.14.1-0.6.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-64bit", "packageFilename": "mozilla-nss-64bit-3.14.1-0.6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-17.0.4esr-0.7.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "7-0.10.4", "packageName": "MozillaFirefox-branding-SLED", "packageFilename": "MozillaFirefox-branding-SLED-7-0.10.4.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-17.0.4esr-0.7.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.4-0.6.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "2.6.8-0.9.1", "packageName": "firefox3-python-base", "packageFilename": "firefox3-python-base-2.6.8-0.9.1.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "2.6.8-0.9.1", "packageName": "firefox3-python-base", "packageFilename": "firefox3-python-base-2.6.8-0.9.1.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "0.5-1.13.4", "packageName": "mhtml-firefox", "packageFilename": "mhtml-firefox-0.5-1.13.4.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-devel", "packageFilename": "mozilla-nss-devel-3.14.1-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-17.0.4esr-0.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-17.0.4esr-0.7.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.4-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "7-0.10.4", "packageName": "MozillaFirefox-branding-SLED", "packageFilename": "MozillaFirefox-branding-SLED-7-0.10.4.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.4-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-32bit", "packageFilename": "mozilla-nss-32bit-3.14.1-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-devel", "packageFilename": "mozilla-nss-devel-3.14.1-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss", "packageFilename": "mozilla-nss-3.14.1-0.6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss", "packageFilename": "mozilla-nss-3.14.1-0.6.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.4-0.6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-17.0.4esr-0.7.1.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-devel", "packageFilename": "mozilla-nss-devel-3.14.1-0.6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.i586.rpm", "arch": "i586", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "2.6.8-0.9.1", "packageName": "firefox3-python-base", "packageFilename": "firefox3-python-base-2.6.8-0.9.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "7-0.10.4", "packageName": "MozillaFirefox-branding-SLED", "packageFilename": "MozillaFirefox-branding-SLED-7-0.10.4.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "10.4", "packageVersion": "4.9.4-0.6.3", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.4-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss", "packageFilename": "mozilla-nss-3.14.1-0.6.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "17.0.4esr-0.7.1", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-17.0.4esr-0.7.1.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "SLE SDK", "OSVersion": "10.4", "packageVersion": "3.14.1-0.6.3", "packageName": "mozilla-nss-tools", "packageFilename": "mozilla-nss-tools-3.14.1-0.6.3.ppc.rpm", "arch": "ppc", "operator": "lt"}], "description": "MozillaFirefox has been updated to the 17.0.4ESR release.\n Besides the major version update from the 10ESR stable\n release line to the 17ESR stable release line, this update\n brings critical security and bugfixes:\n\n * MFSA 2013-29 / CVE-2013-0787: VUPEN Security, via\n TippingPoint's Zero Day Initiative, reported a\n use-after-free within the HTML editor when content script\n is run by the document.execCommand() function while\n internal editor operations are occurring. This could allow\n for arbitrary code execution.\n\n The Firefox 17.0.3ESR release also contains lots of\n security fixes:\n\n * MFSA 2013-28: Security researcher Abhishek Arya\n (Inferno) of the Google Chrome Security Team used the\n Address Sanitizer tool to discover a series of\n use-after-free, out of bounds read, and buffer overflow\n problems rated as low to critical security issues in\n shipped software. Some of these issues are potentially\n exploitable, allowing for remote code execution. We would\n also like to thank Abhishek for reporting four additional\n use-after-free and out of bounds write flaws introduced\n during Firefox development that were fixed before general\n release.\n\n The following issues have been fixed in Firefox 19 and ESR\n 17.0.3:\n\n * Heap-use-after-free in\n nsOverflowContinuationTracker::Finish, with\n -moz-columns (CVE-2013-0780)\n *\n\n Heap-buffer-overflow WRITE in\n nsSaveAsCharset::DoCharsetConversion (CVE-2013-0782)\n\n *\n\n MFSA 2013-27 / CVE-2013-0776: Google security\n researcher Michal Zalewski reported an issue where the\n browser displayed the content of a proxy's 407 response if\n a user canceled the proxy's authentication prompt. In this\n circumstance, the addressbar will continue to show the\n requested site's address, including HTTPS addresses that\n appear to be secure. This spoofing of addresses can be used\n for phishing attacks by fooling users into entering\n credentials, for example.\n\n *\n\n MFSA 2013-26 / CVE-2013-0775: Security researcher\n Nils reported a use-after-free in nsImageLoadingContent\n when content script is executed. This could allow for\n arbitrary code execution.\n\n *\n\n MFSA 2013-25 / CVE-2013-0774: Mozilla security\n researcher Frederik Braun discovered that since Firefox 15\n the file system location of the active browser profile was\n available to JavaScript workers. While not dangerous by\n itself, this could potentially be combined with other\n vulnerabilities to target the profile in an attack.\n\n *\n\n MFSA 2013-24 / CVE-2013-0773: Mozilla developer Bobby\n Holley discovered that it was possible to bypass some\n protections in Chrome Object Wrappers (COW) and System Only\n Wrappers (SOW), making their prototypes mutable by web\n content. This could be used leak information from chrome\n objects and possibly allow for arbitrary code execution.\n\n *\n\n MFSA 2013-23 / CVE-2013-0765: Mozilla developer Boris\n Zbarsky reported that in some circumstances a wrapped\n WebIDL object can be wrapped multiple times, overwriting\n the existing wrapped state. This could lead to an\n exploitable condition in rare cases.\n\n *\n\n MFSA 2013-22 / CVE-2013-0772: Using the Address\n Sanitizer tool, security researcher Atte Kettunen from\n OUSPG found an out-of-bounds read while rendering GIF\n format images. This could cause a non-exploitable crash and\n could also attempt to render normally inaccesible data as\n part of the image.\n\n *\n\n MFSA 2013-21: Mozilla developers identified and fixed\n several memory safety bugs in the browser engine used in\n Firefox and other Mozilla-based products. Some of these\n bugs showed evidence of memory corruption under certain\n circumstances, and we presume that with enough effort at\n least some of these could be exploited to run arbitrary\n code.\n\n Olli Pettay, Christoph Diehl, Gary Kwong, Jesse\n Ruderman, Andrew McCreight, Joe Drew, and Wayne Mery\n reported memory safety problems and crashes that affect\n Firefox ESR 17, and Firefox 18.\n\n *\n\n Memory safety bugs fixed in Firefox ESR 17.0.3, and\n Firefox 19 (CVE-2013-0783)\n", "edition": 1, "reporter": "Suse", "published": "2013-03-15T19:04:45", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "type": "suse", "title": "Security update for Mozilla Firefox (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0787", "CVE-2013-0780", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0775", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0772"], "modified": "2013-03-15T19:04:45", "id": "SUSE-SU-2013:0471-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00029.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:21:58", "references": ["https://bugzilla.novell.com/887746", "https://bugzilla.novell.com/603356", "https://bugzilla.novell.com/750044", "https://bugzilla.novell.com/765204", "https://bugzilla.novell.com/637303", "https://bugzilla.novell.com/861847", "https://bugzilla.novell.com/808243", "https://bugzilla.novell.com/528406", "https://bugzilla.novell.com/664211", "https://bugzilla.novell.com/657016", "https://bugzilla.novell.com/667155", "https://bugzilla.novell.com/771583", "https://bugzilla.novell.com/894201", "https://bugzilla.novell.com/825935", "https://bugzilla.novell.com/642502", "https://bugzilla.novell.com/720264", "https://bugzilla.novell.com/41903", "https://bugzilla.novell.com/104586", "https://bugzilla.novell.com/737533", "https://bugzilla.novell.com/881874", "https://bugzilla.novell.com/503151", "https://bugzilla.novell.com/726758", "https://bugzilla.novell.com/868603", "https://bugzilla.novell.com/593807", "https://bugzilla.novell.com/649492", "https://bugzilla.novell.com/622506", "https://bugzilla.novell.com/576969", "https://bugzilla.novell.com/796895", "https://bugzilla.novell.com/689281", "https://bugzilla.novell.com/354469", "https://bugzilla.novell.com/840485", "https://bugzilla.novell.com/847708", "https://bugzilla.novell.com/701296", "https://bugzilla.novell.com/744275", "https://bugzilla.novell.com/385739", "https://bugzilla.novell.com/790140", "https://bugzilla.novell.com/894370", "https://bugzilla.novell.com/529180", "https://bugzilla.novell.com/417869", "https://bugzilla.novell.com/429179", "https://bugzilla.novell.com/747328", "https://bugzilla.novell.com/712224", "https://bugzilla.novell.com/758408", "https://bugzilla.novell.com/559819", "https://bugzilla.novell.com/441084", "https://bugzilla.novell.com/455804", "https://bugzilla.novell.com/876833", "https://bugzilla.novell.com/804248", "https://bugzilla.novell.com/390992", "https://bugzilla.novell.com/819204", "https://bugzilla.novell.com/733002", "https://bugzilla.novell.com/777588", "https://bugzilla.novell.com/854370", "https://bugzilla.novell.com/484321", "https://bugzilla.novell.com/786522", "https://bugzilla.novell.com/582276", "https://bugzilla.novell.com/527418", "https://bugzilla.novell.com/732898", "https://bugzilla.novell.com/755060", "https://bugzilla.novell.com/714931", "https://bugzilla.novell.com/749440", "https://bugzilla.novell.com/833389", "https://bugzilla.novell.com/783533", "https://bugzilla.novell.com/728520", "https://bugzilla.novell.com/813026", "https://bugzilla.novell.com/439841", "https://bugzilla.novell.com/746616", "https://bugzilla.novell.com/518603", "https://bugzilla.novell.com/542809", "https://bugzilla.novell.com/645315", "https://bugzilla.novell.com/875378", "https://bugzilla.novell.com/586567"], "affectedPackage": [{"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "libfreebl3-3.16.4-94.1.i586.rpm", "packageName": "libfreebl3", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-tools-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-tools", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-translations-other-24.8.0-127.1.x86_64.rpm", "packageName": "MozillaFirefox-translations-other", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-debuginfo-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-debuginfo-24.8.0-127.1.x86_64.rpm", "packageName": "MozillaFirefox-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-debuginfo-32bit-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-debuginfo-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "mozilla-nss-debuginfo-3.16.4-94.1.i586.rpm", "packageName": "mozilla-nss-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "libfreebl3-debuginfo-3.16.4-94.1.x86_64.rpm", "packageName": "libfreebl3-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "mozilla-nss-tools-3.16.4-94.1.i586.rpm", "packageName": "mozilla-nss-tools", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "libsoftokn3-debuginfo-3.16.4-94.1.i586.rpm", "packageName": "libsoftokn3-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "libfreebl3-32bit-3.16.4-94.1.x86_64.rpm", "packageName": "libfreebl3-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-devel-24.8.0-127.1.x86_64.rpm", "packageName": "MozillaFirefox-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "ia64", "packageFilename": "libsoftokn3-x86-3.16.4-94.1.ia64.rpm", "packageName": "libsoftokn3-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "mozilla-nss-certs-debuginfo-3.16.4-94.1.i586.rpm", "packageName": "mozilla-nss-certs-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "ia64", "packageFilename": "mozilla-nss-debuginfo-x86-3.16.4-94.1.ia64.rpm", "packageName": "mozilla-nss-debuginfo-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-certs-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-certs", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "ia64", "packageFilename": "mozilla-nss-sysinit-debuginfo-x86-3.16.4-94.1.ia64.rpm", "packageName": "mozilla-nss-sysinit-debuginfo-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-certs-debuginfo-32bit-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-certs-debuginfo-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-debugsource-24.8.0-127.1.x86_64.rpm", "packageName": "MozillaFirefox-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "i586", "packageFilename": "MozillaFirefox-translations-other-24.8.0-127.1.i586.rpm", "packageName": "MozillaFirefox-translations-other", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "mozilla-nss-certs-3.16.4-94.1.i586.rpm", "packageName": "mozilla-nss-certs", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "i586", "packageFilename": "MozillaFirefox-buildsymbols-24.8.0-127.1.i586.rpm", "packageName": "MozillaFirefox-buildsymbols", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "libsoftokn3-3.16.4-94.1.x86_64.rpm", "packageName": "libsoftokn3", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "ia64", "packageFilename": "mozilla-nss-sysinit-x86-3.16.4-94.1.ia64.rpm", "packageName": "mozilla-nss-sysinit-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "ia64", "packageFilename": "libfreebl3-x86-3.16.4-94.1.ia64.rpm", "packageName": "libfreebl3-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "libsoftokn3-32bit-3.16.4-94.1.x86_64.rpm", "packageName": "libsoftokn3-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "ia64", "packageFilename": "mozilla-nss-certs-x86-3.16.4-94.1.ia64.rpm", "packageName": "mozilla-nss-certs-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "libfreebl3-debuginfo-3.16.4-94.1.i586.rpm", "packageName": "libfreebl3-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "ia64", "packageFilename": "mozilla-nss-x86-3.16.4-94.1.ia64.rpm", "packageName": "mozilla-nss-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "i586", "packageFilename": "MozillaFirefox-debugsource-24.8.0-127.1.i586.rpm", "packageName": "MozillaFirefox-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-sysinit-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-sysinit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-certs-debuginfo-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-certs-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-sysinit-debuginfo-32bit-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-sysinit-debuginfo-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "ia64", "packageFilename": "libfreebl3-debuginfo-x86-3.16.4-94.1.ia64.rpm", "packageName": "libfreebl3-debuginfo-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-certs-32bit-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-certs-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "libsoftokn3-3.16.4-94.1.i586.rpm", "packageName": "libsoftokn3", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "libfreebl3-3.16.4-94.1.x86_64.rpm", "packageName": "libfreebl3", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "mozilla-nss-tools-debuginfo-3.16.4-94.1.i586.rpm", "packageName": "mozilla-nss-tools-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "mozilla-nss-debugsource-3.16.4-94.1.i586.rpm", "packageName": "mozilla-nss-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-branding-upstream-24.8.0-127.1.x86_64.rpm", "packageName": "MozillaFirefox-branding-upstream", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-devel-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-tools-debuginfo-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-tools-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "libsoftokn3-debuginfo-3.16.4-94.1.x86_64.rpm", "packageName": "libsoftokn3-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-buildsymbols-24.8.0-127.1.x86_64.rpm", "packageName": "MozillaFirefox-buildsymbols", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "i586", "packageFilename": "MozillaFirefox-devel-24.8.0-127.1.i586.rpm", "packageName": "MozillaFirefox-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "i586", "packageFilename": "MozillaFirefox-translations-common-24.8.0-127.1.i586.rpm", "packageName": "MozillaFirefox-translations-common", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-debugsource-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-debugsource", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "mozilla-nss-sysinit-debuginfo-3.16.4-94.1.i586.rpm", "packageName": "mozilla-nss-sysinit-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "i586", "packageFilename": "MozillaFirefox-branding-upstream-24.8.0-127.1.i586.rpm", "packageName": "MozillaFirefox-branding-upstream", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-24.8.0-127.1.x86_64.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "libfreebl3-debuginfo-32bit-3.16.4-94.1.x86_64.rpm", "packageName": "libfreebl3-debuginfo-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "libsoftokn3-debuginfo-32bit-3.16.4-94.1.x86_64.rpm", "packageName": "libsoftokn3-debuginfo-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-sysinit-debuginfo-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-sysinit-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "ia64", "packageFilename": "mozilla-nss-certs-debuginfo-x86-3.16.4-94.1.ia64.rpm", "packageName": "mozilla-nss-certs-debuginfo-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "ia64", "packageFilename": "libsoftokn3-debuginfo-x86-3.16.4-94.1.ia64.rpm", "packageName": "libsoftokn3-debuginfo-x86", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "x86_64", "packageFilename": "MozillaFirefox-translations-common-24.8.0-127.1.x86_64.rpm", "packageName": "MozillaFirefox-translations-common", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "mozilla-nss-3.16.4-94.1.i586.rpm", "packageName": "mozilla-nss", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "i586", "packageFilename": "MozillaFirefox-24.8.0-127.1.i586.rpm", "packageName": "MozillaFirefox", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "24.8.0-127.1", "arch": "i586", "packageFilename": "MozillaFirefox-debuginfo-24.8.0-127.1.i586.rpm", "packageName": "MozillaFirefox-debuginfo", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-32bit-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-32bit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "mozilla-nss-devel-3.16.4-94.1.i586.rpm", "packageName": "mozilla-nss-devel", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "i586", "packageFilename": "mozilla-nss-sysinit-3.16.4-94.1.i586.rpm", "packageName": "mozilla-nss-sysinit", "operator": "lt"}, {"OS": "openSUSE", "OSVersion": "11.4", "packageVersion": "3.16.4-94.1", "arch": "x86_64", "packageFilename": "mozilla-nss-sysinit-32bit-3.16.4-94.1.x86_64.rpm", "packageName": "mozilla-nss-sysinit-32bit", "operator": "lt"}], "description": "This patch contains security updates for\n\n * mozilla-nss 3.16.4\n - The following 1024-bit root CA certificate was restored to allow more\n time to develop a better transition strategy for affected sites. It\n was removed in NSS 3.16.3, but discussion in the\n mozilla.dev.security.policy forum led to the decision to keep this\n root included longer in order to give website administrators more time\n to update their web servers.\n - CN = GTE CyberTrust Global Root\n * In NSS 3.16.3, the 1024-bit "Entrust.net Secure Server Certification\n Authority" root CA certificate was removed. In NSS 3.16.4, a 2048-bit\n intermediate CA certificate has been included, without explicit trust.\n The intention is to mitigate the effects of the previous removal of\n the 1024-bit Entrust.net root certificate, because many public\n Internet sites still use the "USERTrust Legacy Secure Server CA"\n intermediate certificate that is signed by the 1024-bit Entrust.net\n root certificate. The inclusion of the intermediate certificate is a\n temporary measure to allow those sites to function, by allowing them\n to find a trust path to another 2048-bit root CA certificate. The\n temporarily included intermediate certificate expires November 1, 2015.\n\n * Firefox 31.1esr Firefox is updated from 24esr to 31esr as maintenance\n for version 24 stopped\n\n", "edition": 1, "reporter": "Suse", "published": "2014-09-09T18:04:16", "title": "Firefox update to 31.1esr (important)", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2014-1505", "CVE-2014-1536", "CVE-2011-0061", "CVE-2011-0077", "CVE-2014-1513", "CVE-2012-0478", "CVE-2012-4193", "CVE-2012-0442", "CVE-2013-5601", "CVE-2013-1687", "CVE-2013-5612", "CVE-2013-1692", "CVE-2010-0654", "CVE-2012-1962", "CVE-2013-0743", "CVE-2012-0443", "CVE-2012-5842", "CVE-2012-4212", "CVE-2013-5595", "CVE-2010-0176", "CVE-2014-1530", "CVE-2011-0083", "CVE-2010-1203", "CVE-2013-1737", "CVE-2012-4214", "CVE-2008-1236", "CVE-2013-5611", "CVE-2012-1970", "CVE-2008-3835", "CVE-2013-1709", "CVE-2007-3738", "CVE-2012-3989", "CVE-2013-5616", "CVE-2013-1678", "CVE-2010-2762", "CVE-2012-5830", "CVE-2013-0763", "CVE-2014-1510", "CVE-2011-3026", "CVE-2012-0460", "CVE-2013-5613", "CVE-2012-1973", "CVE-2014-1522", "CVE-2011-3654", "CVE-2014-1567", "CVE-2012-1974", "CVE-2010-2766", "CVE-2012-4195", "CVE-2012-3986", "CVE-2013-0783", "CVE-2007-3734", "CVE-2011-2371", "CVE-2014-1481", "CVE-2013-1670", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2013-1719", "CVE-2012-3968", "CVE-2013-1725", "CVE-2012-3963", "CVE-2014-1539", "CVE-2010-0174", "CVE-2012-0452", "CVE-2013-1735", "CVE-2012-1956", "CVE-2014-1487", "CVE-2012-3978", "CVE-2012-3985", "CVE-2013-0746", "CVE-2012-5829", "CVE-2009-1571", "CVE-2012-1944", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2014-1538", "CVE-2012-4213", "CVE-2013-1685", "CVE-2012-0479", "CVE-2013-5609", "CVE-2007-3737", "CVE-2013-0766", "CVE-2007-3736", "CVE-2012-1940", "CVE-2013-1697", "CVE-2014-1484", "CVE-2014-1525", "CVE-2012-3993", "CVE-2013-5619", "CVE-2012-5837", "CVE-2008-5500", "CVE-2012-5836", "CVE-2014-1509", "CVE-2009-0772", "CVE-2013-0787", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2014-1494", "CVE-2014-1559", "CVE-2013-0747", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2014-1537", "CVE-2013-1694", "CVE-2014-1523", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2013-5615", "CVE-2013-1680", "CVE-2012-3962", "CVE-2012-0459", "CVE-2011-2362", "CVE-2014-1529", "CVE-2013-1724", "CVE-2010-1213", "CVE-2013-5597", "CVE-2012-5843", "CVE-2014-1543", "CVE-2014-1486", "CVE-2011-0085", "CVE-2013-5590", "CVE-2008-5510", "CVE-2011-0080", "CVE-2013-0780", "CVE-2008-5502", "CVE-2010-3765", "CVE-2013-1732", "CVE-2013-0744", "CVE-2013-0795", "CVE-2008-1237", "CVE-2013-1720", "CVE-2008-4070", "CVE-2013-0748", "CVE-2012-4183", "CVE-2010-3178", "CVE-2013-1679", "CVE-2007-3285", "CVE-2013-5610", "CVE-2013-0768", "CVE-2011-3661", "CVE-2012-4181", "CVE-2014-1532", "CVE-2013-6671", "CVE-2009-0040", "CVE-2011-3652", "CVE-2013-0755", "CVE-2008-4067", "CVE-2014-1548", "CVE-2011-2364", "CVE-2014-1531", "CVE-2013-0752", "CVE-2012-4186", "CVE-2014-1508", "CVE-2012-1948", "CVE-2008-5012", "CVE-2012-1938", "CVE-2013-0796", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2014-1502", "CVE-2013-1723", "CVE-2013-0782", "CVE-2012-1953", "CVE-2012-1949", "CVE-2014-1542", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3169", "CVE-2012-3970", "CVE-2011-0053", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2010-3768", "CVE-2014-1477", "CVE-2013-0800", "CVE-2010-1212", "CVE-2013-1681", "CVE-2010-1211", "CVE-2010-1121", "CVE-2013-0773", "CVE-2013-0754", "CVE-2010-3167", "CVE-2012-4202", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2014-1540", "CVE-2014-1534", "CVE-2012-1941", "CVE-2013-1738", "CVE-2014-1482", "CVE-2014-1479", "CVE-2008-4066", "CVE-2008-5018", "CVE-2012-3984", "CVE-2014-1504", "CVE-2012-0444", "CVE-2011-3650", "CVE-2014-1511", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2012-4182", "CVE-2008-1233", "CVE-2012-4187", "CVE-2012-3983", "CVE-2011-0062", "CVE-2008-0016", "CVE-2011-3101", "CVE-2010-3168", "CVE-2013-0788", "CVE-2013-1728", "CVE-2014-1545", "CVE-2010-0173", "CVE-2012-0472", "CVE-2013-5592", "CVE-2013-1730", "CVE-2008-4059", "CVE-2010-2764", "CVE-2014-1492", "CVE-2011-0081", "CVE-2009-0771", "CVE-2007-3670", "CVE-2012-1954", "CVE-2009-0774", "CVE-2014-1556", "CVE-2012-0461", "CVE-2011-2376", "CVE-2012-3958", "CVE-2012-0469", "CVE-2014-1563", "CVE-2014-1524", "CVE-2014-1512", "CVE-2012-1975", "CVE-2011-0075", "CVE-2013-1690", "CVE-2012-0464", "CVE-2013-0775", "CVE-2012-1967", "CVE-2013-5604", "CVE-2014-1514", "CVE-2010-3166", "CVE-2011-0074", "CVE-2013-0801", "CVE-2012-3956", "CVE-2010-2769", "CVE-2012-3982", "CVE-2009-3555", "CVE-2013-1714", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-5021", "CVE-2008-5017", "CVE-2013-0769", "CVE-2012-3966", "CVE-2013-0771", "CVE-2014-1490", "CVE-2012-5839", "CVE-2013-0757", "CVE-2014-1498", "CVE-2012-1961", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2014-1565", "CVE-2012-3967", "CVE-2013-0749", "CVE-2011-3651", "CVE-2008-4060", "CVE-2007-3656", "CVE-2008-1234", "CVE-2012-1951", "CVE-2012-0475", "CVE-2014-1555", "CVE-2014-1564", "CVE-2012-1952", "CVE-2010-1201", "CVE-2013-0761", "CVE-2013-1669", "CVE-2010-1585", "CVE-2012-3959", "CVE-2012-0455", "CVE-2014-1558", "CVE-2011-0084", "CVE-2012-0759", "CVE-2007-3089", "CVE-2014-1519", "CVE-2013-1701", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2013-1684", "CVE-2008-4058", "CVE-2012-4184", "CVE-2012-0447", "CVE-2014-1547", "CVE-2011-3232", "CVE-2012-4205", "CVE-2014-1480", "CVE-2014-1500", "CVE-2011-0069", "CVE-2013-6630", "CVE-2008-5022", "CVE-2008-5512", "CVE-2014-1497", "CVE-2013-5596", "CVE-2012-3992", "CVE-2008-1235", "CVE-2013-1676", "CVE-2013-0789", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2013-1675", "CVE-2014-1478", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-0445", "CVE-2012-0462", "CVE-2012-4217", "CVE-2013-1686", "CVE-2013-0745", "CVE-2013-0756", "CVE-2012-4218", "CVE-2013-0760", "CVE-2011-2377", "CVE-2014-1485", "CVE-2014-1493", "CVE-2007-3735", "CVE-2011-3000", "CVE-2010-2765", "CVE-2014-1544", "CVE-2010-2767", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2013-0767", "CVE-2010-3182", "CVE-2009-0776", "CVE-2013-5603", "CVE-2012-1959", "CVE-2011-2363", "CVE-2011-0070", "CVE-2013-1682", "CVE-2012-1947", "CVE-2013-6673", "CVE-2013-1674", "CVE-2013-0762", "CVE-2014-1562", "CVE-2010-3170", "CVE-2011-3005", "CVE-2012-4208", "CVE-2011-3658", "CVE-2014-1541", "CVE-2011-2373", "CVE-2008-5511", "CVE-2011-2992", "CVE-2014-1488", "CVE-2012-1957", "CVE-2012-1958", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2014-1552", "CVE-2010-3183", "CVE-2010-1202", "CVE-2012-0468", "CVE-2013-5599", "CVE-2014-1553", "CVE-2014-1549", "CVE-2013-1713", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2008-4061", "CVE-2013-5591", "CVE-2010-1199", "CVE-2012-4204", "CVE-2013-5602", "CVE-2011-2985", "CVE-2012-4192", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2013-0774", "CVE-2008-5024", "CVE-2013-0753", "CVE-2012-5833", "CVE-2014-1557", "CVE-2013-1736", "CVE-2014-1526", "CVE-2013-0776", "CVE-2012-3964", "CVE-2013-5593", "CVE-2014-1550", "CVE-2013-1718", "CVE-2012-5841", "CVE-2014-1533", "CVE-2013-1717", "CVE-2010-2754", "CVE-2008-5507", "CVE-2012-3990", "CVE-2014-1491", "CVE-2013-6672", "CVE-2013-5614", "CVE-2008-4065", "CVE-2013-1693", "CVE-2010-2760", "CVE-2013-0750", "CVE-2012-1937", "CVE-2014-1560", "CVE-2012-4215", "CVE-2013-6629", "CVE-2012-0463", "CVE-2013-1677", "CVE-2011-2991", "CVE-2013-0770", "CVE-2013-0793", "CVE-2012-4179", "CVE-2011-3001", "CVE-2014-1483", "CVE-2014-1489", "CVE-2011-3062", "CVE-2012-0477", "CVE-2013-1722", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2013-1710", "CVE-2012-0467", "CVE-2012-0458", "CVE-2013-0758", "CVE-2013-5600", "CVE-2010-2752", "CVE-2014-1499", "CVE-2014-1518", "CVE-2012-0471", "CVE-2012-3961", "CVE-2014-1561", "CVE-2012-3971", "CVE-2013-0764", "CVE-2014-1528", "CVE-2013-5618", "CVE-2011-0072"], "modified": "2014-09-09T18:04:16", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00004.html", "id": "OPENSUSE-SU-2014:1100-1", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:26", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0780", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0783", "https://launchpad.net/bugs/1131110", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0778", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0781", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0779", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0784", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0775", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0782", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0773", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0776", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0774"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "17.0.3+build1-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "17.0.3+build1-0ubuntu0.12.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.10", "packageVersion": "17.0.3+build1-0ubuntu0.11.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "17.0.3+build1-0ubuntu0.12.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}], "description": "Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page and had scripting enabled, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges of the user invoking Thunderbird. (CVE-2013-0773)\n\nFrederik Braun discovered that Thunderbird made the location of the active browser profile available to JavaScript workers. Scripting for Thunderbird is disabled by default in Ubuntu. (CVE-2013-0774)\n\nA use-after-free vulnerability was discovered in Thunderbird. An attacker could potentially exploit this to execute code with the privileges of the user invoking Thunderbird if scripting were enabled. (CVE-2013-0775)\n\nMichal Zalewski discovered that Thunderbird would not always show the correct address when cancelling a proxy authentication prompt. A remote attacker could exploit this to conduct URL spoofing and phishing attacks if scripting were enabled. (CVE-2013-0776)\n\nAbhishek Arya discovered several problems related to memory handling. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782)\n\nOlli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron discovered multiple memory safety issues affecting Thunderbird. If a user had scripting enabled and was tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash. (CVE-2013-0783, CVE-2013-0784)", "edition": 3, "reporter": "Ubuntu", "published": "2013-02-25T00:00:00", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0777", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781"], "modified": "2013-02-25T00:00:00", "id": "USN-1748-1", "href": "https://usn.ubuntu.com/1748-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:36", "references": ["https://usn.ubuntu.com/usn/usn-1729-1", "https://launchpad.net/bugs/1134409"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "19.0+build1-0ubuntu0.12.10.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "19.0+build1-0ubuntu0.12.04.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.10", "packageVersion": "19.0+build1-0ubuntu0.11.10.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}], "description": "USN-1729-1 fixed vulnerabilities in Firefox. This update introduced a regression which sometimes resulted in freezes and crashes when using multiple tabs with images displayed. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nOlli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash. (CVE-2013-0783, CVE-2013-0784)\n\nAtte Kettunen discovered that Firefox could perform an out-of-bounds read while rendering GIF format images. An attacker could exploit this to crash Firefox. (CVE-2013-0772)\n\nBoris Zbarsky discovered that Firefox did not properly handle some wrapped WebIDL objects. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2013-0765)\n\nBobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges of the user invoking Firefox. (CVE-2013-0773)\n\nFrederik Braun discovered that Firefox made the location of the active browser profile available to JavaScript workers. (CVE-2013-0774)\n\nA use-after-free vulnerability was discovered in Firefox. An attacker could potentially exploit this to execute code with the privileges of the user invoking Firefox. (CVE-2013-0775)\n\nMichal Zalewski discovered that Firefox would not always show the correct address when cancelling a proxy authentication prompt. A remote attacker could exploit this to conduct URL spoofing and phishing attacks. (CVE-2013-0776)\n\nAbhishek Arya discovered several problems related to memory handling. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782)", "edition": 3, "reporter": "Ubuntu", "published": "2013-03-01T00:00:00", "title": "Firefox regression", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2013-03-01T00:00:00", "id": "USN-1729-2", "href": "https://usn.ubuntu.com/1729-2/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:08", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0780", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0765", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0777", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0783", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0778", "https://launchpad.net/bugs/1128883", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0781", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0772", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0779", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0784", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0775", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0782", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0773", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0776", "https://people.canonical.com/~ubuntu-security/cve/CVE-2013-0774"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "19.0+build1-0ubuntu0.12.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "19.0+build1-0ubuntu0.12.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "19.0+build1-0ubuntu0.10.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "11.10", "packageVersion": "19.0+build1-0ubuntu0.11.10.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}], "description": "Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash. (CVE-2013-0783, CVE-2013-0784)\n\nAtte Kettunen discovered that Firefox could perform an out-of-bounds read while rendering GIF format images. An attacker could exploit this to crash Firefox. (CVE-2013-0772)\n\nBoris Zbarsky discovered that Firefox did not properly handle some wrapped WebIDL objects. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2013-0765)\n\nBobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges of the user invoking Firefox. (CVE-2013-0773)\n\nFrederik Braun discovered that Firefox made the location of the active browser profile available to JavaScript workers. (CVE-2013-0774)\n\nA use-after-free vulnerability was discovered in Firefox. An attacker could potentially exploit this to execute code with the privileges of the user invoking Firefox. (CVE-2013-0775)\n\nMichal Zalewski discovered that Firefox would not always show the correct address when cancelling a proxy authentication prompt. A remote attacker could exploit this to conduct URL spoofing and phishing attacks. (CVE-2013-0776)\n\nAbhishek Arya discovered several problems related to memory handling. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782)", "edition": 3, "reporter": "Ubuntu", "published": "2013-02-20T00:00:00", "title": "Firefox vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2013-02-20T00:00:00", "id": "USN-1729-1", "href": "https://usn.ubuntu.com/1729-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:59", "references": ["http://www.mozilla.org/security/announce/2013/mfsa2013-26.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-24.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-21.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-20.html", "http://www.mozilla.org/security/known-vulnerabilities/", "http://www.mozilla.org/security/announce/2013/mfsa2013-23.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-25.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-27.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-22.html"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "17.0.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "thunderbird", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.16", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "seamonkey", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.16", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-seamonkey", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "17.0.3,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-firefox", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "19.0,1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "firefox", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "10.0.12", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libxul", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "17.0.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-thunderbird", "operator": "lt"}], "description": "\nThe Mozilla Project reports:\n\nMFSA 2013-21 Miscellaneous memory safety hazards (rv:19.0 /\n\t rv:17.0.3)\nMFSA 2013-22 Out-of-bounds read in image rendering\nMFSA 2013-23 Wrapped WebIDL objects can be wrapped again\nMFSA 2013-24 Web content bypass of COW and SOW security wrappers\nMFSA 2013-25 Privacy leak in JavaScript Workers\nMFSA 2013-26 Use-after-free in nsImageLoadingContent\nMFSA 2013-27 Phishing on HTTPS connection through malicious proxy\nMFSA 2013-28 Use-after-free, out of bounds read, and buffer\n\t overflow issues found using Address Sanitizer\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2013-02-19T00:00:00", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0772"], "modified": "2013-02-20T00:00:00", "id": "E3F0374A-7AD6-11E2-84CD-D43D7E0C7C02", "href": "https://vuxml.freebsd.org/freebsd/e3f0374a-7ad6-11e2-84cd-d43d7e0c7c02.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:36", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=827070", "https://bugzilla.mozilla.org/show_bug.cgi?id=812893", "https://bugzilla.mozilla.org/show_bug.cgi?id=798867", "https://bugzilla.mozilla.org/show_bug.cgi?id=821991", "https://bugzilla.mozilla.org/show_bug.cgi?id=798691", "https://bugzilla.mozilla.org/show_bug.cgi?id=801330"], "edition": 1, "description": "Security researcher Abhishek Arya (Inferno) of the Google\nChrome Security Team used the Address Sanitizer tool to discover a series of\nuse-after-free, out of bounds read, and buffer overflow problems rated as low to\ncritical security issues in shipped software. Some of these issues are\npotentially exploitable, allowing for remote code execution. We would also like\nto thank Abhishek for reporting four additional use-after-free and out of bounds\nwrite flaws introduced during Firefox development that were fixed before general\nrelease. \n\nIn general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "reporter": "Mozilla Foundation", "published": "2013-02-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "mozilla", "title": "Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer", "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "19", "operator": "lt"}, {"name": "Thunderbird", "version": "17.0.3", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.16", "operator": "lt"}, {"name": "Thunderbird ESR", "version": "17.0.3", "operator": "lt"}, {"name": "Firefox ESR", "version": "17.0.3", "operator": "lt"}], "cvelist": ["CVE-2013-0777", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0779", "CVE-2013-0781"], "modified": "2013-02-19T00:00:00", "id": "MFSA2013-28", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2013-28/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-05T13:37:37", "references": ["https://bugzilla.mozilla.org/buglist.cgi?bug_id=830943,799803,799907,819635,766452,827687,805294,801114,790373,809295,810169,797977", "https://bugzilla.mozilla.org/buglist.cgi?bug_id=830975,832162,822858,761448,812380,690970,826471,830399,818241,780549"], "edition": 1, "description": "Mozilla developers identified and fixed several memory safety bugs in the\nbrowser engine used in Firefox and other Mozilla-based products. Some of these\nbugs showed evidence of memory corruption under certain circumstances, and we\npresume that with enough effort at least some of these could be exploited to run\narbitrary code.\nIn general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "reporter": "Mozilla Foundation", "published": "2013-02-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "type": "mozilla", "title": "Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)", "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "19", "operator": "lt"}, {"name": "Thunderbird", "version": "17.0.3", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.16", "operator": "lt"}, {"name": "Thunderbird ESR", "version": "17.0.3", "operator": "lt"}, {"name": "Firefox ESR", "version": "17.0.3", "operator": "lt"}], "cvelist": ["CVE-2013-0783", "CVE-2013-0784"], "modified": "2013-02-19T00:00:00", "id": "MFSA2013-21", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2013-21/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-05T13:37:48", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=830614"], "edition": 1, "description": "Mozilla developer Boris Zbarsky reported that in some\ncircumstances a wrapped WebIDL object can be wrapped multiple\ntimes, overwriting the existing wrapped state. This could lead to an exploitable\ncondition in rare cases.", "reporter": "Mozilla Foundation", "published": "2013-02-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "mozilla", "title": "Wrapped WebIDL objects can be wrapped again", "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "19", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.16", "operator": "lt"}], "cvelist": ["CVE-2013-0765"], "modified": "2013-02-19T00:00:00", "id": "MFSA2013-23", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2013-23/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-05T13:37:42", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=809652"], "edition": 1, "description": "Mozilla developer Bobby Holley discovered that it was\npossible to bypass some protections in Chrome Object Wrappers (COW) and System\nOnly Wrappers (SOW), making their prototypes mutable by web content. This could\nbe used leak information from chrome objects and possibly allow for arbitrary\ncode execution.\n\nIn general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "reporter": "Mozilla Foundation", "published": "2013-02-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "mozilla", "title": "Web content bypass of COW and SOW security wrappers", "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "19", "operator": "lt"}, {"name": "Thunderbird", "version": "17.0.3", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.16", "operator": "lt"}, {"name": "Thunderbird ESR", "version": "17.0.3", "operator": "lt"}, {"name": "Firefox ESR", "version": "17.0.3", "operator": "lt"}], "cvelist": ["CVE-2013-0773"], "modified": "2013-02-19T00:00:00", "id": "MFSA2013-24", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2013-24/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-05T13:37:40", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=827193"], "edition": 1, "description": "Mozilla security researcher Frederik Braun discovered that\nsince Firefox 15 the file system location of the active browser profile was\navailable to JavaScript workers. While not dangerous by itself, this could\npotentially be combined with other vulnerabilities to target the profile in an\nattack.\n\nIn general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "reporter": "Mozilla Foundation", "published": "2013-02-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "mozilla", "title": "Privacy leak in JavaScript Workers", "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "19", "operator": "lt"}, {"name": "Thunderbird", "version": "17.0.3", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.16", "operator": "lt"}, {"name": "Thunderbird ESR", "version": "17.0.3", "operator": "lt"}, {"name": "Firefox ESR", "version": "17.0.3", "operator": "lt"}], "cvelist": ["CVE-2013-0774"], "modified": "2013-02-19T00:00:00", "id": "MFSA2013-25", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2013-25/", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2016-09-05T13:37:43", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=831095"], "edition": 1, "description": "Security researcher Nils reported a use-after-free in\nnsImageLoadingContent when content script is executed. This could\nallow for arbitrary code execution.\n\nIn general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "reporter": "Mozilla Foundation", "published": "2013-02-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "mozilla", "title": "Use-after-free in nsImageLoadingContent", "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "19", "operator": "lt"}, {"name": "Thunderbird", "version": "17.0.3", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.16", "operator": "lt"}, {"name": "Thunderbird ESR", "version": "17.0.3", "operator": "lt"}, {"name": "Firefox ESR", "version": "17.0.3", "operator": "lt"}], "cvelist": ["CVE-2013-0775"], "modified": "2013-02-19T00:00:00", "id": "MFSA2013-26", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2013-26/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-05T13:37:41", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=796475"], "edition": 1, "description": "Google security researcher Michal Zalewski reported an issue\nwhere the browser displayed the content of a proxy's 407 response if a user\ncanceled the proxy's authentication prompt. In this circumstance, the addressbar\nwill continue to show the requested site's address, including HTTPS addresses\nthat appear to be secure. This spoofing of addresses can be used for phishing\nattacks by fooling users into entering credentials, for example.\n\nIn general these flaws cannot be exploited through email in the\nThunderbird and SeaMonkey products because scripting is disabled, but are\npotentially a risk in browser or browser-like contexts in those products.", "reporter": "Mozilla Foundation", "published": "2013-02-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "mozilla", "title": "Phishing on HTTPS connection through malicious proxy", "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "19", "operator": "lt"}, {"name": "Thunderbird", "version": "17.0.3", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.16", "operator": "lt"}, {"name": "Thunderbird ESR", "version": "17.0.3", "operator": "lt"}, {"name": "Firefox ESR", "version": "17.0.3", "operator": "lt"}], "cvelist": ["CVE-2013-0776"], "modified": "2013-02-19T00:00:00", "id": "MFSA2013-27", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2013-27/", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-05T13:37:45", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=801366"], "edition": 1, "description": "Using the Address Sanitizer tool, security researcher Atte\nKettunen from OUSPG found an out-of-bounds read while rendering GIF\nformat images. This could cause a non-exploitable crash and could also attempt\nto render normally inaccesible data as part of the image.", "reporter": "Mozilla Foundation", "published": "2013-02-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "mozilla", "title": "Out-of-bounds read in image rendering", "bulletinFamily": "software", "affectedSoftware": [{"name": "Firefox", "version": "19", "operator": "lt"}, {"name": "SeaMonkey", "version": "2.16", "operator": "lt"}], "cvelist": ["CVE-2013-0772"], "modified": "2013-02-19T00:00:00", "id": "MFSA2013-22", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2013-22/", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:50", "references": [], "description": "Multiple memory corruptions, https response spoofing, information leakage, protection bypass, DoS.", "edition": 1, "reporter": "MOZILLA", "published": "2013-02-24T00:00:00", "title": "Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:50", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Thunderbird", "version": "17.0", "operator": "eq"}, {"name": "SeaMonkey", "version": "2.15", "operator": "eq"}, {"name": "Firefox ESR", "version": "17.0", "operator": "eq"}, {"name": "Firefox", "version": "18.0", "operator": "eq"}], "cvelist": ["CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0778", "CVE-2013-0782", "CVE-2013-0773", "CVE-2013-0784", "CVE-2013-0775", "CVE-2013-0779", "CVE-2013-0774", "CVE-2013-0776", "CVE-2013-0781", "CVE-2013-0772"], "modified": "2013-02-24T00:00:00", "id": "SECURITYVULNS:VULN:12904", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12904", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:49", "references": ["https://rhn.redhat.com/errata/RHSA-2013-0272.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5.centos", "packageFilename": "thunderbird-17.0.3-1.el5.centos.i386.rpm", "packageName": "thunderbird", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5.centos", "packageFilename": "thunderbird-17.0.3-1.el5.centos.x86_64.rpm", "packageName": "thunderbird", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5.centos", "packageFilename": "thunderbird-17.0.3-1.el5.centos.src.rpm", "packageName": "thunderbird", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "thunderbird-17.0.3-1.el6.centos.i686.rpm", "packageName": "thunderbird", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "thunderbird-17.0.3-1.el6.centos.x86_64.rpm", "packageName": "thunderbird", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "thunderbird-17.0.3-1.el6.centos.src.rpm", "packageName": "thunderbird", "arch": "any", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2013:0272\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content. Malicious\ncontent could cause Thunderbird to crash or, potentially, execute arbitrary\ncode with the privileges of the user running Thunderbird. (CVE-2013-0775,\nCVE-2013-0780, CVE-2013-0782, CVE-2013-0783)\n\nIt was found that, after canceling a proxy server's authentication\nprompt, the address bar continued to show the requested site's address. An\nattacker could use this flaw to conduct phishing attacks by tricking a\nuser into believing they are viewing trusted content. (CVE-2013-0776)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Nils, Abhishek Arya, Olli Pettay, Christoph Diehl,\nGary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, and\nMichal Zalewski as the original reporters of these issues.\n\nNote: All issues cannot be exploited by a specially-crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. They could\nbe exploited another way in Thunderbird, for example, when viewing the full\nremote content of an RSS feed.\n\nImportant: This erratum upgrades Thunderbird to version 17.0.3 ESR.\nThunderbird 17 is not completely backwards-compatible with all Mozilla\nadd-ons and Thunderbird plug-ins that worked with Thunderbird 10.0.\nThunderbird 17 checks compatibility on first-launch, and, depending on the\nindividual configuration and the installed add-ons and plug-ins, may\ndisable said Add-ons and plug-ins, or attempt to check for updates and\nupgrade them. Add-ons and plug-ins may have to be manually updated.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 17.0.3 ESR, which corrects these issues. After\ninstalling the update, Thunderbird must be restarted for the changes to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019246.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019251.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0272.html", "edition": 1, "reporter": "CentOS Project", "published": "2013-02-20T04:09:27", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "thunderbird security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0782", "CVE-2013-0775", "CVE-2013-0776"], "modified": "2013-02-20T20:10:32", "href": "http://lists.centos.org/pipermail/centos-announce/2013-February/019246.html", "id": "CESA-2013:0272", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:24", "references": ["https://rhn.redhat.com/errata/RHSA-2013-0271.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "xulrunner-17.0.3-1.el6.centos.x86_64.rpm", "packageName": "xulrunner", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "packageFilename": "xulrunner-devel-17.0.3-1.el5_9.i386.rpm", "packageName": "xulrunner-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "packageFilename": "xulrunner-devel-17.0.3-1.el5_9.i386.rpm", "packageName": "xulrunner-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-kde-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-kde", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-gnome-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-gnome", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "xulrunner-17.0.3-1.el6.centos.src.rpm", "packageName": "xulrunner", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-0.3.0-4.el6_3.src.rpm", "packageName": "libproxy", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "xulrunner-devel-17.0.3-1.el6.centos.i686.rpm", "packageName": "xulrunner-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "xulrunner-devel-17.0.3-1.el6.centos.i686.rpm", "packageName": "xulrunner-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "packageFilename": "devhelp-0.12-23.el5_9.i386.rpm", "packageName": "devhelp", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "packageFilename": "devhelp-0.12-23.el5_9.i386.rpm", "packageName": "devhelp", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "xulrunner-devel-17.0.3-1.el6.centos.x86_64.rpm", "packageName": "xulrunner-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "packageFilename": "xulrunner-17.0.3-1.el5_9.i386.rpm", "packageName": "xulrunner", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "packageFilename": "xulrunner-17.0.3-1.el5_9.i386.rpm", "packageName": "xulrunner", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-webkit-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-webkit", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5.centos", "packageFilename": "firefox-17.0.3-1.el5.centos.i386.rpm", "packageName": "firefox", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5.centos", "packageFilename": "firefox-17.0.3-1.el5.centos.i386.rpm", "packageName": "firefox", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "packageFilename": "devhelp-0.12-23.el5_9.x86_64.rpm", "packageName": "devhelp", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-devel", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-python-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-python", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-mozjs-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-mozjs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "packageFilename": "xulrunner-17.0.3-1.el5_9.src.rpm", "packageName": "xulrunner", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "firefox-17.0.3-1.el6.centos.x86_64.rpm", "packageName": "firefox", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-mozjs-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-mozjs", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5.centos", "packageFilename": "firefox-17.0.3-1.el5.centos.x86_64.rpm", "packageName": "firefox", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "packageFilename": "devhelp-0.12-23.el5_9.src.rpm", "packageName": "devhelp", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "packageFilename": "yelp-2.16.0-30.el5_9.i386.rpm", "packageName": "yelp", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "xulrunner-17.0.3-1.el6.centos.i686.rpm", "packageName": "xulrunner", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "xulrunner-17.0.3-1.el6.centos.i686.rpm", "packageName": "xulrunner", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5.centos", "packageFilename": "firefox-17.0.3-1.el5.centos.src.rpm", "packageName": "firefox", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "packageFilename": "xulrunner-devel-17.0.3-1.el5_9.x86_64.rpm", "packageName": "xulrunner-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "packageFilename": "xulrunner-17.0.3-1.el5_9.x86_64.rpm", "packageName": "xulrunner", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "packageFilename": "devhelp-devel-0.12-23.el5_9.x86_64.rpm", "packageName": "devhelp-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "packageFilename": "yelp-2.16.0-30.el5_9.src.rpm", "packageName": "yelp", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-bin-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-bin", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "packageFilename": "yelp-2.28.1-17.el6_3.x86_64.rpm", "packageName": "yelp", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "packageFilename": "yelp-2.16.0-30.el5_9.x86_64.rpm", "packageName": "yelp", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-gnome-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-gnome", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-kde-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-kde", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "packageFilename": "devhelp-devel-0.12-23.el5_9.i386.rpm", "packageName": "devhelp-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "packageFilename": "devhelp-devel-0.12-23.el5_9.i386.rpm", "packageName": "devhelp-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "firefox-17.0.3-1.el6.centos.i686.rpm", "packageName": "firefox", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "firefox-17.0.3-1.el6.centos.i686.rpm", "packageName": "firefox", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-webkit-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-webkit", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-bin-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-bin", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-python-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-python", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "packageFilename": "yelp-2.28.1-17.el6_3.src.rpm", "packageName": "yelp", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "packageFilename": "yelp-2.28.1-17.el6_3.i686.rpm", "packageName": "yelp", "arch": "i686", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "17.0.3-1.el6.centos", "packageFilename": "firefox-17.0.3-1.el6.centos.src.rpm", "packageName": "firefox", "arch": "any", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2013:0271\n\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2013-0775, CVE-2013-0780, CVE-2013-0782,\nCVE-2013-0783)\n\nIt was found that, after canceling a proxy server's authentication\nprompt, the address bar continued to show the requested site's address. An\nattacker could use this flaw to conduct phishing attacks by tricking a\nuser into believing they are viewing a trusted site. (CVE-2013-0776)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Nils, Abhishek Arya, Olli Pettay, Christoph Diehl,\nGary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, and\nMichal Zalewski as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 17.0.3 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nNote that due to a Kerberos credentials change, the following configuration\nsteps may be required when using Firefox 17.0.3 ESR with the Enterprise\nIdentity Management (IPA) web interface:\n\nhttps://access.redhat.com/knowledge/solutions/294303\n\nImportant: Firefox 17 is not completely backwards-compatible with all\nMozilla add-ons and Firefox plug-ins that worked with Firefox 10.0.\nFirefox 17 checks compatibility on first-launch, and, depending on the\nindividual configuration and the installed add-ons and plug-ins, may\ndisable said Add-ons and plug-ins, or attempt to check for updates and\nupgrade them. Add-ons and plug-ins may have to be manually updated.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 17.0.3 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019242.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019243.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019244.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019245.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019247.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019248.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019249.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-February/019250.html\n\n**Affected packages:**\ndevhelp\ndevhelp-devel\nfirefox\nlibproxy\nlibproxy-bin\nlibproxy-devel\nlibproxy-gnome\nlibproxy-kde\nlibproxy-mozjs\nlibproxy-python\nlibproxy-webkit\nxulrunner\nxulrunner-devel\nyelp\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0271.html", "edition": 1, "reporter": "CentOS Project", "published": "2013-02-20T03:20:40", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "devhelp, firefox, libproxy, xulrunner, yelp security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0782", "CVE-2013-0775", "CVE-2013-0776"], "modified": "2013-02-20T20:09:38", "href": "http://lists.centos.org/pipermail/centos-announce/2013-February/019242.html", "id": "CESA-2013:0271", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:59", "references": ["https://rhn.redhat.com/errata/RHSA-2013-1812.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "24.2.0-1.el5.centos", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5.centos.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "24.2.0-1.el5.centos", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5.centos.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "24.2.0-1.el6.centos", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6.centos.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "24.2.0-1.el6.centos", "arch": "i686", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6.centos.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "24.2.0-1.el6.centos", "arch": "i686", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6.centos.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "24.2.0-1.el5.centos", "arch": "any", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "24.2.0-1.el6.centos", "arch": "any", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "24.2.0-1.el5.centos", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5.centos.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2013:1812\n\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to terminate\nunexpectedly or, potentially, execute arbitrary code with the privileges of\nthe user running Firefox. (CVE-2013-5609, CVE-2013-5616, CVE-2013-5618,\nCVE-2013-6671, CVE-2013-5613)\n\nA flaw was found in the way Firefox rendered web content with missing\ncharacter encoding information. An attacker could use this flaw to possibly\nbypass same-origin inheritance and perform cross-site scripting (XSS)\nattacks. (CVE-2013-5612)\n\nIt was found that certain malicious web content could bypass restrictions\napplied by sandboxed iframes. An attacker could combine this flaw with\nother vulnerabilities to execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2013-5614)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Ben Turner, Bobby Holley, Jesse Ruderman, Christian\nHoller, Masato Kinugawa, Daniel Veditz, Jesse Schwartzentruber, Nils, Tyson\nSmith, and Atte Kettunen as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 24.2.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 24.2.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-December/020067.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-December/020073.html\n\n**Affected packages:**\nfirefox\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1812.html", "edition": 1, "reporter": "CentOS Project", "published": "2013-12-11T11:44:39", "title": "firefox security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-5612", "CVE-2013-5616", "CVE-2013-5613", "CVE-2013-5609", "CVE-2013-6671", "CVE-2013-5614", "CVE-2013-0772", "CVE-2013-5618"], "modified": "2013-12-13T00:08:28", "href": "http://lists.centos.org/pipermail/centos-announce/2013-December/020067.html", "id": "CESA-2013:1812", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:01", "references": ["https://rhn.redhat.com/errata/RHSA-2013-1823.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "24.2.0-1.el6.centos", "arch": "i686", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-1.el6.centos.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "24.2.0-1.el6.centos", "arch": "any", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-1.el6.centos.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "24.2.0-1.el6.centos", "arch": "x86_64", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-1.el6.centos.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "24.2.0-2.el5.centos", "arch": "i386", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-2.el5.centos.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "24.2.0-2.el5.centos", "arch": "x86_64", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-2.el5.centos.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "24.2.0-2.el5.centos", "arch": "any", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-2.el5.centos.src.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2013:1823\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2013-5609, CVE-2013-5616, CVE-2013-5618, CVE-2013-6671, CVE-2013-5613)\n\nA flaw was found in the way Thunderbird rendered web content with missing\ncharacter encoding information. An attacker could use this flaw to possibly\nbypass same-origin inheritance and perform cross site-scripting (XSS)\nattacks. (CVE-2013-5612)\n\nIt was found that certain malicious web content could bypass restrictions\napplied by sandboxed iframes. An attacker could combine this flaw with\nother vulnerabilities to execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2013-5614)\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Ben Turner, Bobby Holley, Jesse Ruderman, Christian\nHoller, Masato Kinugawa, Daniel Veditz, Jesse Schwartzentruber, Nils, Tyson\nSmith, and Atte Kettunen as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 24.2.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 24.2.0 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-December/020068.html\nhttp://lists.centos.org/pipermail/centos-announce/2013-December/020072.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1823.html", "edition": 1, "reporter": "CentOS Project", "published": "2013-12-11T23:13:52", "title": "thunderbird security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-5612", "CVE-2013-5616", "CVE-2013-5613", "CVE-2013-6674", "CVE-2013-5609", "CVE-2013-6671", "CVE-2013-5614", "CVE-2013-0772", "CVE-2013-5618"], "modified": "2013-12-13T00:07:12", "href": "http://lists.centos.org/pipermail/centos-announce/2013-December/020068.html", "id": "CESA-2013:1823", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-06-12T21:09:51", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "i386", "packageName": "devhelp-debuginfo", "packageFilename": "devhelp-debuginfo-0.12-23.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "x86_64", "packageName": "devhelp-debuginfo", "packageFilename": "devhelp-debuginfo-0.12-23.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "i386", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "x86_64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "i386", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "x86_64", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "x86_64", "packageName": "yelp-debuginfo", "packageFilename": "yelp-debuginfo-2.16.0-30.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "src", "packageName": "devhelp", "packageFilename": "devhelp-0.12-23.el5_9.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "src", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el5_9.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "src", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el5_9.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "src", "packageName": "yelp", "packageFilename": "yelp-2.16.0-30.el5_9.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "i386", "packageName": "yelp-debuginfo", "packageFilename": "yelp-debuginfo-2.16.0-30.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "i386", "packageName": "devhelp", "packageFilename": "devhelp-0.12-23.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "i386", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "i386", "packageName": "yelp", "packageFilename": "yelp-2.16.0-30.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "x86_64", "packageName": "devhelp", "packageFilename": "devhelp-0.12-23.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "x86_64", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "x86_64", "packageName": "yelp", "packageFilename": "yelp-2.16.0-30.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "ppc", "packageName": "devhelp-debuginfo", "packageFilename": "devhelp-debuginfo-0.12-23.el5_9.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ppc", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el5_9.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ppc", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el5_9.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ppc64", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el5_9.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "ppc", "packageName": "yelp-debuginfo", "packageFilename": "yelp-debuginfo-2.16.0-30.el5_9.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "ppc", "packageName": "devhelp", "packageFilename": "devhelp-0.12-23.el5_9.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "ppc", "packageName": "devhelp-devel", "packageFilename": "devhelp-devel-0.12-23.el5_9.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ppc", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el5_9.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ppc", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el5_9.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ppc", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el5_9.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ppc64", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el5_9.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ppc64", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el5_9.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "ppc", "packageName": "yelp", "packageFilename": "yelp-2.16.0-30.el5_9.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "s390", "packageName": "devhelp-debuginfo", "packageFilename": "devhelp-debuginfo-0.12-23.el5_9.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "s390x", "packageName": "devhelp-debuginfo", "packageFilename": "devhelp-debuginfo-0.12-23.el5_9.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "s390x", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el5_9.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "s390", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el5_9.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "s390", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el5_9.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "s390x", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el5_9.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "s390x", "packageName": "yelp-debuginfo", "packageFilename": "yelp-debuginfo-2.16.0-30.el5_9.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "s390x", "packageName": "devhelp", "packageFilename": "devhelp-0.12-23.el5_9.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "s390", "packageName": "devhelp", "packageFilename": "devhelp-0.12-23.el5_9.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "s390", "packageName": "devhelp-devel", "packageFilename": "devhelp-devel-0.12-23.el5_9.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "s390x", "packageName": "devhelp-devel", "packageFilename": "devhelp-devel-0.12-23.el5_9.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "s390", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el5_9.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "s390x", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el5_9.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "s390x", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el5_9.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "s390", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el5_9.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "s390", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el5_9.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "s390x", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el5_9.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "s390x", "packageName": "yelp", "packageFilename": "yelp-2.16.0-30.el5_9.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "ia64", "packageName": "devhelp-debuginfo", "packageFilename": "devhelp-debuginfo-0.12-23.el5_9.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ia64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el5_9.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ia64", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el5_9.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "ia64", "packageName": "yelp-debuginfo", "packageFilename": "yelp-debuginfo-2.16.0-30.el5_9.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "i386", "packageName": "devhelp-devel", "packageFilename": "devhelp-devel-0.12-23.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "i386", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "x86_64", "packageName": "devhelp-devel", "packageFilename": "devhelp-devel-0.12-23.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "x86_64", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "ia64", "packageName": "devhelp", "packageFilename": "devhelp-0.12-23.el5_9.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "ia64", "packageName": "devhelp-devel", "packageFilename": "devhelp-devel-0.12-23.el5_9.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ia64", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el5_9.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ia64", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el5_9.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "ia64", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el5_9.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "ia64", "packageName": "yelp", "packageFilename": "yelp-2.16.0-30.el5_9.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "i686", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageName": "libproxy-debuginfo", "packageFilename": "libproxy-debuginfo-0.3.0-4.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "i686", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "i686", "packageName": "yelp-debuginfo", "packageFilename": "yelp-debuginfo-2.28.1-17.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "src", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el6_3.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "src", "packageName": "libproxy", "packageFilename": "libproxy-0.3.0-4.el6_3.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "src", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el6_3.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "src", "packageName": "yelp", "packageFilename": "yelp-2.28.1-17.el6_3.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "x86_64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageName": "libproxy-debuginfo", "packageFilename": "libproxy-debuginfo-0.3.0-4.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "x86_64", "packageName": "yelp-debuginfo", "packageFilename": "yelp-debuginfo-2.28.1-17.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "x86_64", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageName": "libproxy-kde", "packageFilename": "libproxy-kde-0.3.0-4.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageName": "libproxy-mozjs", "packageFilename": "libproxy-mozjs-0.3.0-4.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageName": "libproxy-devel", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageName": "libproxy-gnome", "packageFilename": "libproxy-gnome-0.3.0-4.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageName": "libproxy-webkit", "packageFilename": "libproxy-webkit-0.3.0-4.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "i686", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageName": "libproxy-devel", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageName": "libproxy-kde", "packageFilename": "libproxy-kde-0.3.0-4.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageName": "libproxy-mozjs", "packageFilename": "libproxy-mozjs-0.3.0-4.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageName": "libproxy-webkit", "packageFilename": "libproxy-webkit-0.3.0-4.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageName": "libproxy-gnome", "packageFilename": "libproxy-gnome-0.3.0-4.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "x86_64", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "i686", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageName": "libproxy", "packageFilename": "libproxy-0.3.0-4.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageName": "libproxy-bin", "packageFilename": "libproxy-bin-0.3.0-4.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageName": "libproxy-python", "packageFilename": "libproxy-python-0.3.0-4.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "i686", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "i686", "packageName": "yelp", "packageFilename": "yelp-2.28.1-17.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageName": "libproxy", "packageFilename": "libproxy-0.3.0-4.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageName": "libproxy-python", "packageFilename": "libproxy-python-0.3.0-4.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageName": "libproxy-bin", "packageFilename": "libproxy-bin-0.3.0-4.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "x86_64", "packageName": "yelp", "packageFilename": "yelp-2.28.1-17.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "x86_64", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc", "packageName": "libproxy-debuginfo", "packageFilename": "libproxy-debuginfo-0.3.0-4.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc64", "packageName": "libproxy-debuginfo", "packageFilename": "libproxy-debuginfo-0.3.0-4.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc64", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "ppc64", "packageName": "yelp-debuginfo", "packageFilename": "yelp-debuginfo-2.28.1-17.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc64", "packageName": "libproxy-devel", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc64", "packageName": "libproxy-gnome", "packageFilename": "libproxy-gnome-0.3.0-4.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc64", "packageName": "libproxy-mozjs", "packageFilename": "libproxy-mozjs-0.3.0-4.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc", "packageName": "libproxy-devel", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc64", "packageName": "libproxy-kde", "packageFilename": "libproxy-kde-0.3.0-4.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc64", "packageName": "libproxy-webkit", "packageFilename": "libproxy-webkit-0.3.0-4.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc64", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc", "packageName": "libproxy", "packageFilename": "libproxy-0.3.0-4.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc64", "packageName": "libproxy", "packageFilename": "libproxy-0.3.0-4.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc64", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc64", "packageName": "libproxy-bin", "packageFilename": "libproxy-bin-0.3.0-4.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "ppc64", "packageName": "libproxy-python", "packageFilename": "libproxy-python-0.3.0-4.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el6_3.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc64", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "ppc64", "packageName": "yelp", "packageFilename": "yelp-2.28.1-17.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390x", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-17.0.3-1.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390", "packageName": "libproxy-debuginfo", "packageFilename": "libproxy-debuginfo-0.3.0-4.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390x", "packageName": "libproxy-debuginfo", "packageFilename": "libproxy-debuginfo-0.3.0-4.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390x", "packageName": "xulrunner-debuginfo", "packageFilename": "xulrunner-debuginfo-17.0.3-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "s390x", "packageName": "yelp-debuginfo", "packageFilename": "yelp-debuginfo-2.28.1-17.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390", "packageName": "libproxy-devel", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390x", "packageName": "libproxy-devel", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390x", "packageName": "libproxy-gnome", "packageFilename": "libproxy-gnome-0.3.0-4.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390x", "packageName": "libproxy-kde", "packageFilename": "libproxy-kde-0.3.0-4.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390x", "packageName": "libproxy-mozjs", "packageFilename": "libproxy-mozjs-0.3.0-4.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390x", "packageName": "libproxy-webkit", "packageFilename": "libproxy-webkit-0.3.0-4.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390x", "packageName": "xulrunner-devel", "packageFilename": "xulrunner-devel-17.0.3-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390x", "packageName": "firefox", "packageFilename": "firefox-17.0.3-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390", "packageName": "libproxy", "packageFilename": "libproxy-0.3.0-4.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390x", "packageName": "libproxy", "packageFilename": "libproxy-0.3.0-4.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390x", "packageName": "libproxy-bin", "packageFilename": "libproxy-bin-0.3.0-4.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "s390x", "packageName": "libproxy-python", "packageFilename": "libproxy-python-0.3.0-4.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390x", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390", "packageName": "xulrunner", "packageFilename": "xulrunner-17.0.3-1.el6_3.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "s390x", "packageName": "yelp", "packageFilename": "yelp-2.28.1-17.el6_3.s390x.rpm", "operator": "lt"}], "description": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox. (CVE-2013-0775, CVE-2013-0780, CVE-2013-0782,\nCVE-2013-0783)\n\nIt was found that, after canceling a proxy server's authentication\nprompt, the address bar continued to show the requested site's address. An\nattacker could use this flaw to conduct phishing attacks by tricking a\nuser into believing they are viewing a trusted site. (CVE-2013-0776)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Nils, Abhishek Arya, Olli Pettay, Christoph Diehl,\nGary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, and\nMichal Zalewski as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 17.0.3 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nNote that due to a Kerberos credentials change, the following configuration\nsteps may be required when using Firefox 17.0.3 ESR with the Enterprise\nIdentity Management (IPA) web interface:\n\nhttps://access.redhat.com/knowledge/solutions/294303\n\nImportant: Firefox 17 is not completely backwards-compatible with all\nMozilla add-ons and Firefox plug-ins that worked with Firefox 10.0.\nFirefox 17 checks compatibility on first-launch, and, depending on the\nindividual configuration and the installed add-ons and plug-ins, may\ndisable said Add-ons and plug-ins, or attempt to check for updates and\nupgrade them. Add-ons and plug-ins may have to be manually updated.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 17.0.3 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n", "reporter": "RedHat", "published": "2013-02-19T05:00:00", "type": "redhat", "title": "(RHSA-2013:0271) Critical: firefox security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0775", "CVE-2013-0776", "CVE-2013-0780", "CVE-2013-0782", "CVE-2013-0783"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:07", "id": "RHSA-2013:0271", "href": "https://access.redhat.com/errata/RHSA-2013:0271", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-06-12T21:09:11", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "x86_64", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-17.0.3-1.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "src", "packageName": "thunderbird", "packageFilename": "thunderbird-17.0.3-1.el5_9.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "i386", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-17.0.3-1.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "i386", "packageName": "thunderbird", "packageFilename": "thunderbird-17.0.3-1.el5_9.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "17.0.3-1.el5_9", "arch": "x86_64", "packageName": "thunderbird", "packageFilename": "thunderbird-17.0.3-1.el5_9.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "i686", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-17.0.3-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "src", "packageName": "thunderbird", "packageFilename": "thunderbird-17.0.3-1.el6_3.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "x86_64", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-17.0.3-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "i686", "packageName": "thunderbird", "packageFilename": "thunderbird-17.0.3-1.el6_3.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "x86_64", "packageName": "thunderbird", "packageFilename": "thunderbird-17.0.3-1.el6_3.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc64", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-17.0.3-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "ppc64", "packageName": "thunderbird", "packageFilename": "thunderbird-17.0.3-1.el6_3.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390x", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-17.0.3-1.el6_3.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "17.0.3-1.el6_3", "arch": "s390x", "packageName": "thunderbird", "packageFilename": "thunderbird-17.0.3-1.el6_3.s390x.rpm", "operator": "lt"}], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content. Malicious\ncontent could cause Thunderbird to crash or, potentially, execute arbitrary\ncode with the privileges of the user running Thunderbird. (CVE-2013-0775,\nCVE-2013-0780, CVE-2013-0782, CVE-2013-0783)\n\nIt was found that, after canceling a proxy server's authentication\nprompt, the address bar continued to show the requested site's address. An\nattacker could use this flaw to conduct phishing attacks by tricking a\nuser into believing they are viewing trusted content. (CVE-2013-0776)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Nils, Abhishek Arya, Olli Pettay, Christoph Diehl,\nGary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, and\nMichal Zalewski as the original reporters of these issues.\n\nNote: All issues cannot be exploited by a specially-crafted HTML mail\nmessage as JavaScript is disabled by default for mail messages. They could\nbe exploited another way in Thunderbird, for example, when viewing the full\nremote content of an RSS feed.\n\nImportant: This erratum upgrades Thunderbird to version 17.0.3 ESR.\nThunderbird 17 is not completely backwards-compatible with all Mozilla\nadd-ons and Thunderbird plug-ins that worked with Thunderbird 10.0.\nThunderbird 17 checks compatibility on first-launch, and, depending on the\nindividual configuration and the installed add-ons and plug-ins, may\ndisable said Add-ons and plug-ins, or attempt to check for updates and\nupgrade them. Add-ons and plug-ins may have to be manually updated.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 17.0.3 ESR, which corrects these issues. After\ninstalling the update, Thunderbird must be restarted for the changes to\ntake effect.\n", "reporter": "RedHat", "published": "2013-02-19T05:00:00", "type": "redhat", "title": "(RHSA-2013:0272) Critical: thunderbird security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0775", "CVE-2013-0776", "CVE-2013-0780", "CVE-2013-0782", "CVE-2013-0783"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:28", "id": "RHSA-2013:0272", "href": "https://access.redhat.com/errata/RHSA-2013:0272", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-06-12T21:10:18", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-2.el5_10", "arch": "x86_64", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-24.2.0-2.el5_10.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-2.el5_10", "arch": "src", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-2.el5_10.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-2.el5_10", "arch": "i386", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-24.2.0-2.el5_10.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-2.el5_10", "arch": "i386", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-2.el5_10.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-2.el5_10", "arch": "x86_64", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-2.el5_10.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "i686", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-24.2.0-1.el6_5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "src", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-1.el6_5.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "x86_64", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-24.2.0-1.el6_5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "i686", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-1.el6_5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "x86_64", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-1.el6_5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "ppc64", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-24.2.0-1.el6_5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "ppc64", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-1.el6_5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "s390x", "packageName": "thunderbird-debuginfo", "packageFilename": "thunderbird-debuginfo-24.2.0-1.el6_5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "s390x", "packageName": "thunderbird", "packageFilename": "thunderbird-24.2.0-1.el6_5.s390x.rpm", "operator": "lt"}], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSeveral flaws were found in the processing of malformed content.\nMalicious content could cause Thunderbird to crash or, potentially, execute\narbitrary code with the privileges of the user running Thunderbird.\n(CVE-2013-5609, CVE-2013-5616, CVE-2013-5618, CVE-2013-6671, CVE-2013-5613)\n\nA flaw was found in the way Thunderbird rendered web content with missing\ncharacter encoding information. An attacker could use this flaw to possibly\nbypass same-origin inheritance and perform cross site-scripting (XSS)\nattacks. (CVE-2013-5612)\n\nIt was found that certain malicious web content could bypass restrictions\napplied by sandboxed iframes. An attacker could combine this flaw with\nother vulnerabilities to execute arbitrary code with the privileges of the\nuser running Thunderbird. (CVE-2013-5614)\n\nNote: All of the above issues cannot be exploited by a specially crafted\nHTML mail message as JavaScript is disabled by default for mail messages.\nThey could be exploited another way in Thunderbird, for example, when\nviewing the full remote content of an RSS feed.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Ben Turner, Bobby Holley, Jesse Ruderman, Christian\nHoller, Masato Kinugawa, Daniel Veditz, Jesse Schwartzentruber, Nils, Tyson\nSmith, and Atte Kettunen as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Thunderbird 24.2.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 24.2.0 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\n", "reporter": "RedHat", "published": "2013-12-11T05:00:00", "type": "redhat", "title": "(RHSA-2013:1823) Important: thunderbird security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0772", "CVE-2013-5609", "CVE-2013-5612", "CVE-2013-5613", "CVE-2013-5614", "CVE-2013-5616", "CVE-2013-5618", "CVE-2013-6671", "CVE-2013-6674"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:20", "id": "RHSA-2013:1823", "href": "https://access.redhat.com/errata/RHSA-2013:1823", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-06-06T18:04:48", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "i386", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el5_10.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "x86_64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el5_10.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "src", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5_10.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "i386", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5_10.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5_10.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "ppc", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el5_10.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "ppc", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5_10.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "s390", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el5_10.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "s390x", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el5_10.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "s390", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5_10.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "s390x", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5_10.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "ia64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el5_10.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "24.2.0-1.el5_10", "arch": "ia64", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el5_10.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "i686", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el6_5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "src", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6_5.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "x86_64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el6_5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "i686", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6_5.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "x86_64", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6_5.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "ppc", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el6_5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "ppc64", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el6_5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "ppc", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6_5.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "ppc64", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6_5.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "s390", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el6_5.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "s390x", "packageName": "firefox-debuginfo", "packageFilename": "firefox-debuginfo-24.2.0-1.el6_5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "s390x", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6_5.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "6", "packageVersion": "24.2.0-1.el6_5", "arch": "s390", "packageName": "firefox", "packageFilename": "firefox-24.2.0-1.el6_5.s390.rpm", "operator": "lt"}], "description": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to terminate\nunexpectedly or, potentially, execute arbitrary code with the privileges of\nthe user running Firefox. (CVE-2013-5609, CVE-2013-5616, CVE-2013-5618,\nCVE-2013-6671, CVE-2013-5613)\n\nA flaw was found in the way Firefox rendered web content with missing\ncharacter encoding information. An attacker could use this flaw to possibly\nbypass same-origin inheritance and perform cross-site scripting (XSS)\nattacks. (CVE-2013-5612)\n\nIt was found that certain malicious web content could bypass restrictions\napplied by sandboxed iframes. An attacker could combine this flaw with\nother vulnerabilities to execute arbitrary code with the privileges of the\nuser running Firefox. (CVE-2013-5614)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Ben Turner, Bobby Holley, Jesse Ruderman, Christian\nHoller, Masato Kinugawa, Daniel Veditz, Jesse Schwartzentruber, Nils, Tyson\nSmith, and Atte Kettunen as the original reporters of these issues.\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 24.2.0 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 24.2.0 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n", "reporter": "RedHat", "published": "2013-12-11T05:00:00", "type": "redhat", "title": "(RHSA-2013:1812) Critical: firefox security update", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0772", "CVE-2013-5609", "CVE-2013-5612", "CVE-2013-5613", "CVE-2013-5614", "CVE-2013-5616", "CVE-2013-5618", "CVE-2013-6671"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:37", "id": "RHSA-2013:1812", "href": "https://access.redhat.com/errata/RHSA-2013:1812", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:49:32", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageFilename": "libproxy-kde-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-kde", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageFilename": "libproxy-bin-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-bin", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "ia64", "packageFilename": "devhelp-0.12-23.el5_9.ia64.rpm", "packageName": "devhelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "x86_64", "packageFilename": "yelp-2.28.1-17.el6_3.x86_64.rpm", "packageName": "yelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageFilename": "libproxy-gnome-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-gnome", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.2.el6_3", "arch": "x86_64", "packageFilename": "xulrunner-17.0.3-1.0.2.el6_3.x86_64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "x86_64", "packageFilename": "devhelp-0.12-23.el5_9.x86_64.rpm", "packageName": "devhelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "src", "packageFilename": "yelp-2.16.0-30.el5_9.src.rpm", "packageName": "yelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "src", "packageFilename": "yelp-2.16.0-30.el5_9.src.rpm", "packageName": "yelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "src", "packageFilename": "yelp-2.16.0-30.el5_9.src.rpm", "packageName": "yelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "ia64", "packageFilename": "xulrunner-devel-17.0.3-1.0.1.el5_9.ia64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "i386", "packageFilename": "devhelp-0.12-23.el5_9.i386.rpm", "packageName": "devhelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "i386", "packageFilename": "devhelp-0.12-23.el5_9.i386.rpm", "packageName": "devhelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.1.el6_3", "arch": "x86_64", "packageFilename": "firefox-17.0.3-1.0.1.el6_3.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.2.el6_3", "arch": "x86_64", "packageFilename": "xulrunner-devel-17.0.3-1.0.2.el6_3.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "i386", "packageFilename": "devhelp-devel-0.12-23.el5_9.i386.rpm", "packageName": "devhelp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "i386", "packageFilename": "devhelp-devel-0.12-23.el5_9.i386.rpm", "packageName": "devhelp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageFilename": "libproxy-webkit-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-webkit", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageFilename": "libproxy-gnome-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-gnome", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "i686", "packageFilename": "yelp-2.28.1-17.el6_3.i686.rpm", "packageName": "yelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageFilename": "libproxy-python-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "src", "packageFilename": "xulrunner-17.0.3-1.0.1.el5_9.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "src", "packageFilename": "xulrunner-17.0.3-1.0.1.el5_9.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "src", "packageFilename": "xulrunner-17.0.3-1.0.1.el5_9.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "i386", "packageFilename": "xulrunner-17.0.3-1.0.1.el5_9.i386.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "i386", "packageFilename": "xulrunner-17.0.3-1.0.1.el5_9.i386.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "x86_64", "packageFilename": "firefox-17.0.3-1.0.1.el5_9.x86_64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "x86_64", "packageFilename": "xulrunner-devel-17.0.3-1.0.1.el5_9.x86_64.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "src", "packageFilename": "libproxy-0.3.0-4.el6_3.src.rpm", "packageName": "libproxy", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "src", "packageFilename": "libproxy-0.3.0-4.el6_3.src.rpm", "packageName": "libproxy", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "x86_64", "packageFilename": "devhelp-devel-0.12-23.el5_9.x86_64.rpm", "packageName": "devhelp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "x86_64", "packageFilename": "xulrunner-17.0.3-1.0.1.el5_9.x86_64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.2.el6_3", "arch": "i686", "packageFilename": "xulrunner-devel-17.0.3-1.0.2.el6_3.i686.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.2.el6_3", "arch": "i686", "packageFilename": "xulrunner-devel-17.0.3-1.0.2.el6_3.i686.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "src", "packageFilename": "yelp-2.28.1-17.el6_3.src.rpm", "packageName": "yelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.28.1-17.el6_3", "arch": "src", "packageFilename": "yelp-2.28.1-17.el6_3.src.rpm", "packageName": "yelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "src", "packageFilename": "devhelp-0.12-23.el5_9.src.rpm", "packageName": "devhelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "src", "packageFilename": "devhelp-0.12-23.el5_9.src.rpm", "packageName": "devhelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "src", "packageFilename": "devhelp-0.12-23.el5_9.src.rpm", "packageName": "devhelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageFilename": "libproxy-bin-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-bin", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "ia64", "packageFilename": "yelp-2.16.0-30.el5_9.ia64.rpm", "packageName": "yelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageFilename": "libproxy-python-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.1.el6_3", "arch": "src", "packageFilename": "firefox-17.0.3-1.0.1.el6_3.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.1.el6_3", "arch": "src", "packageFilename": "firefox-17.0.3-1.0.1.el6_3.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.12-23.el5_9", "arch": "ia64", "packageFilename": "devhelp-devel-0.12-23.el5_9.ia64.rpm", "packageName": "devhelp-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageFilename": "libproxy-devel-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "src", "packageFilename": "firefox-17.0.3-1.0.1.el5_9.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "src", "packageFilename": "firefox-17.0.3-1.0.1.el5_9.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "src", "packageFilename": "firefox-17.0.3-1.0.1.el5_9.src.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageFilename": "libproxy-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageFilename": "libproxy-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageFilename": "libproxy-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "ia64", "packageFilename": "firefox-17.0.3-1.0.1.el5_9.ia64.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "i686", "packageFilename": "libproxy-mozjs-0.3.0-4.el6_3.i686.rpm", "packageName": "libproxy-mozjs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "i386", "packageFilename": "xulrunner-devel-17.0.3-1.0.1.el5_9.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "i386", "packageFilename": "xulrunner-devel-17.0.3-1.0.1.el5_9.i386.rpm", "packageName": "xulrunner-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageFilename": "libproxy-mozjs-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-mozjs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.1.el6_3", "arch": "i686", "packageFilename": "firefox-17.0.3-1.0.1.el6_3.i686.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.1.el6_3", "arch": "i686", "packageFilename": "firefox-17.0.3-1.0.1.el6_3.i686.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.2.el6_3", "arch": "src", "packageFilename": "xulrunner-17.0.3-1.0.2.el6_3.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.2.el6_3", "arch": "src", "packageFilename": "xulrunner-17.0.3-1.0.2.el6_3.src.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageFilename": "libproxy-kde-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-kde", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.2.el6_3", "arch": "i686", "packageFilename": "xulrunner-17.0.3-1.0.2.el6_3.i686.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.2.el6_3", "arch": "i686", "packageFilename": "xulrunner-17.0.3-1.0.2.el6_3.i686.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "i386", "packageFilename": "yelp-2.16.0-30.el5_9.i386.rpm", "packageName": "yelp", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.3.0-4.el6_3", "arch": "x86_64", "packageFilename": "libproxy-webkit-0.3.0-4.el6_3.x86_64.rpm", "packageName": "libproxy-webkit", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "ia64", "packageFilename": "xulrunner-17.0.3-1.0.1.el5_9.ia64.rpm", "packageName": "xulrunner", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "i386", "packageFilename": "firefox-17.0.3-1.0.1.el5_9.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "i386", "packageFilename": "firefox-17.0.3-1.0.1.el5_9.i386.rpm", "packageName": "firefox", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.16.0-30.el5_9", "arch": "x86_64", "packageFilename": "yelp-2.16.0-30.el5_9.x86_64.rpm", "packageName": "yelp", "operator": "lt"}], "description": "firefox\n[17.0.3-1.0.1]\n- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones\n[17.0.3-1]\n- Update to 17.0.3 ESR\n[17.0.2-4]\n- Added NM preferences\n[17.0.2-3]\n- Update to 17.0.2 ESR\n[17.0.1-2]\n- Update to 17.0.1 ESR\n[17.0-1]\n- Update to 17.0 ESR\n[17.0-0.2.b4]\n- Update to 17 Beta 4\n[17.0-0.1.beta1]\n- Update to 17 Beta 1\nlibproxy\n[0.3.0-4]\n- Rebuild against newer gecko\nxulrunner\n[17.0.3-1.0.2]\n- Increase release number and rebuild.\n[17.0.3-1.0.1]\n- Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js\n- Removed XULRUNNER_VERSION from SOURCE21\n[17.0.3-1]\n- Update to 17.0.3 ESR\n[17.0.2-5]\n- Fixed NetworkManager preferences\n- Added fix for NM regression (mozbz#791626)\n[17.0.2-2]\n- Added fix for rhbz#816234 - NFS fix\n[17.0.2-1]\n- Update to 17.0.2 ESR\n[17.0.1-3]\n- Update to 17.0.1 ESR\n[17.0-1]\n- Update to 17.0 ESR\n[17.0-0.6.b5]\n- Update to 17 Beta 5\n- Updated fix for rhbz#872752 - embeded crash\n[17.0-0.5.b4]\n- Added fix for rhbz#872752 - embeded crash\n[17.0-0.4.b4]\n- Update to 17 Beta 4\n[17.0-0.3.b3]\n- Update to 17 Beta 3\n- Updated ppc(64) patch (mozbz#746112)\n[17.0-0.2.b2]\n- Built with system nspr/nss\n[17.0-0.1.b2]\n- Update to 17 Beta 2\n[17.0-0.1.b1]\n- Update to 17 Beta 1\nyelp\n[2.28.1-17]\n- Rebuild against gecko 17.0.2\n[2.28.1-15]\n- Build fixes for gecko 17", "edition": 3, "reporter": "Oracle", "published": "2013-02-19T00:00:00", "title": "firefox security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0782", "CVE-2013-0775", "CVE-2013-0776"], "modified": "2013-02-19T00:00:00", "id": "ELSA-2013-0271", "href": "http://linux.oracle.com/errata/ELSA-2013-0271.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:45:16", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.1.el6_3", "arch": "src", "packageFilename": "thunderbird-17.0.3-1.0.1.el6_3.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.1.el6_3", "arch": "src", "packageFilename": "thunderbird-17.0.3-1.0.1.el6_3.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "x86_64", "packageFilename": "thunderbird-17.0.3-1.0.1.el5_9.x86_64.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "src", "packageFilename": "thunderbird-17.0.3-1.0.1.el5_9.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "src", "packageFilename": "thunderbird-17.0.3-1.0.1.el5_9.src.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.1.el6_3", "arch": "i686", "packageFilename": "thunderbird-17.0.3-1.0.1.el6_3.i686.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "17.0.3-1.0.1.el6_3", "arch": "x86_64", "packageFilename": "thunderbird-17.0.3-1.0.1.el6_3.x86_64.rpm", "packageName": "thunderbird", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "17.0.3-1.0.1.el5_9", "arch": "i386", "packageFilename": "thunderbird-17.0.3-1.0.1.el5_9.i386.rpm", "packageName": "thunderbird", "operator": "lt"}], "description": "[17.0.3-1.0.1.el6_3]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[17.0.3-1]\n- Update to 17.0.3 ESR\n[17.0.2-2]\n- Update to 17.0.2 ESR\n[17.0-2]\n- Update to 17.0 ESR\n[17.0b2-0.1]\n- Update to 17.0b2\n[17.0b1-0.1]\n- Rebase to 17 beta 1", "edition": 3, "reporter": "Oracle", "published": "2013-02-19T00:00:00", "title": "thunderbird security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-0783", "CVE-2013-0780", "CVE-2013-0782", "CVE-2013-0775", "CVE-2013-0776"], "modified": "2013-02-19T00:00:00", "id": "ELSA-2013-0272", "href": "http://linux.oracle.com/errata/ELSA-2013-0272.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2017-09-19T13:38:37", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=810169", "https://bugzilla.mozilla.org/show_bug.cgi?id=799803", "https://bugzilla.mozilla.org/show_bug.cgi?id=801114", "https://bugzilla.mozilla.org/show_bug.cgi?id=827687", "http://www.ubuntu.com/usn/USN-1748-1", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=797977", "https://bugzilla.mozilla.org/show_bug.cgi?id=790373", "http://www.mozilla.org/security/announce/2013/mfsa2013-21.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=805294", "https://bugzilla.mozilla.org/show_bug.cgi?id=799907", "http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=819635", "https://bugzilla.mozilla.org/show_bug.cgi?id=766452", "http://www.ubuntu.com/usn/USN-1729-2", "http://www.ubuntu.com/usn/USN-1729-1", "https://bugzilla.mozilla.org/show_bug.cgi?id=809295", "https://bugzilla.mozilla.org/show_bug.cgi?id=830943"], "edition": 2, "description": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "reporter": "NVD", "published": "2013-02-19T18:55:01", "title": "CVE-2013-0784", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:17119", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17119"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-0784"], "scanner": [], "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:seamonkey:2.1:beta2", "cpe:/a:mozilla:firefox:4.0:beta7", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.9:beta3", "cpe:/a:mozilla:seamonkey:2.1:alpha3", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:4.0:beta10", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:seamonkey:2.4:beta1", "cpe:/a:mozilla:thunderbird:3.1.16", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:18.0", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:seamonkey:2.12:beta5", "cpe:/a:mozilla:seamonkey:2.14:beta1", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:16.0.2", "cpe:/a:mozilla:seamonkey:2.11:beta1", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:2.13:beta4", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:2.1:alpha1", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:2.12:beta1", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.14:beta5", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:2.15:beta3", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:2.15.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:1.0::dev", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.1:beta3", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:2.11:beta3", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0a1::pre", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.7:beta2", "cpe:/a:mozilla:seamonkey:2.13.2", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:4.0:beta6", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:seamonkey:2.7:beta4", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:seamonkey:1.0::beta", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:seamonkey:2.15:beta5", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:seamonkey:2.13.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:seamonkey:2.3:beta2", "cpe:/a:mozilla:seamonkey:2.5:beta4", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:seamonkey:2.7:beta5", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:seamonkey:2.13:beta1", "cpe:/a:mozilla:seamonkey:2.11:beta2", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:seamonkey:2.12:beta3", "cpe:/a:mozilla:seamonkey:2.15:beta2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:seamonkey:2.1:rc2", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:4.0:beta12", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:seamonkey:2.9:beta2", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:seamonkey:2.6:beta3", "cpe:/a:mozilla:firefox:4.0:beta4", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.2:beta1", "cpe:/a:mozilla:firefox:4.0:beta8", "cpe:/a:mozilla:seamonkey:2.8:beta2", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:seamonkey:2.13:beta2", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:2.16:beta1", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:firefox:17.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.3:beta3", "cpe:/a:mozilla:seamonkey:2.15", "cpe:/a:mozilla:seamonkey:2.11:beta6", "cpe:/a:mozilla:seamonkey:2.2:beta2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:seamonkey:2.9:beta1", "cpe:/a:mozilla:seamonkey:2.1:alpha2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.5:beta1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:2.11:beta5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:seamonkey:2.16:beta3", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:seamonkey:2.11:beta4", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:17.0", "cpe:/a:mozilla:firefox:3.6.24", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.14:beta4", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:seamonkey:1.0::alpha", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:2.2:beta3", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:seamonkey:2.16:beta5", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:seamonkey:2.15:beta1", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:4.0:beta5", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:thunderbird:16.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:seamonkey:2.5:beta2", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:thunderbird:17.0.2", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:seamonkey:2.1:beta1", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:4.0:beta2", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:thunderbird:1.0.5:beta", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:seamonkey:2.4:beta2", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.12:beta2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:seamonkey:2.8:beta3", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:firefox:4.0:beta11", "cpe:/a:mozilla:seamonkey:2.13:beta6", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:firefox:17.0", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:seamonkey:2.15.1", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:seamonkey:2.8:beta6", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:4.0:beta3", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:2.16:beta4", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.14.1", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:seamonkey:2.10:beta2", "cpe:/a:mozilla:seamonkey:2.3:beta1", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:1.1.5:1.1.10", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:firefox:18.0.1", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:thunderbird:16.0", "cpe:/a:mozilla:seamonkey:2.8:beta5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:18.0.2", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:seamonkey:2.9:beta4", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:seamonkey:2.15:beta6", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:seamonkey:2.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:16.0.1", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:seamonkey:2.8:beta4", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:seamonkey:2.13:beta3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:seamonkey:2.14:beta2", "cpe:/a:mozilla:thunderbird:16.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:seamonkey:2.8:beta1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:seamonkey:2.5:beta3", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.12:beta6", "cpe:/a:mozilla:firefox:16.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:seamonkey:2.15:beta4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:seamonkey:2.13:beta5", "cpe:/a:mozilla:firefox:4.0:beta9", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.14:beta3", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:seamonkey:2.6:beta2", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:seamonkey:2.12:beta4", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:seamonkey:2.4:beta3", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:seamonkey:2.7:beta1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:seamonkey:2.1:rc1", "cpe:/a:mozilla:seamonkey:2.6:beta1", "cpe:/a:mozilla:seamonkey:2.10:beta3", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:2.6:beta4", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:12.0:beta6", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:seamonkey:2.10:beta1", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:seamonkey:2.7:beta3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:2.16:beta2", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:firefox:4.0:beta1", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13", "cpe:/a:mozilla:thunderbird:13.0.1"], "modified": "2017-09-18T21:35:50", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0784", "id": "CVE-2013-0784", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:38:36", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=830614", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-23.html", "http://www.ubuntu.com/usn/USN-1729-2", "http://www.ubuntu.com/usn/USN-1729-1"], "edition": 2, "description": "Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote attackers to bypass intended access restrictions via unspecified vectors.", "reporter": "NVD", "published": "2013-02-19T18:55:01", "title": "CVE-2013-0765", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:17097", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17097"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-0765"], "scanner": [], "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:seamonkey:2.1:beta2", "cpe:/a:mozilla:firefox:4.0:beta7", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.9:beta3", "cpe:/a:mozilla:seamonkey:2.1:alpha3", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:4.0:beta10", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:seamonkey:2.4:beta1", "cpe:/a:mozilla:thunderbird:3.1.16", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:18.0", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:seamonkey:2.12:beta5", "cpe:/a:mozilla:seamonkey:2.14:beta1", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:16.0.2", "cpe:/a:mozilla:seamonkey:2.11:beta1", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:2.13:beta4", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:2.1:alpha1", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:2.12:beta1", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.14:beta5", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:2.15:beta3", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:2.15.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:1.0::dev", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.1:beta3", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:2.11:beta3", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0a1::pre", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.7:beta2", "cpe:/a:mozilla:seamonkey:2.13.2", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:4.0:beta6", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:seamonkey:2.7:beta4", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:seamonkey:1.0::beta", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:seamonkey:2.15:beta5", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:seamonkey:2.13.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:seamonkey:2.3:beta2", "cpe:/a:mozilla:seamonkey:2.5:beta4", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:seamonkey:2.7:beta5", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:seamonkey:2.13:beta1", "cpe:/a:mozilla:seamonkey:2.11:beta2", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:seamonkey:2.12:beta3", "cpe:/a:mozilla:seamonkey:2.15:beta2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:seamonkey:2.1:rc2", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:4.0:beta12", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:seamonkey:2.9:beta2", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:seamonkey:2.6:beta3", "cpe:/a:mozilla:firefox:4.0:beta4", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.2:beta1", "cpe:/a:mozilla:firefox:4.0:beta8", "cpe:/a:mozilla:seamonkey:2.8:beta2", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:seamonkey:2.13:beta2", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:2.16:beta1", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:firefox:17.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.3:beta3", "cpe:/a:mozilla:seamonkey:2.15", "cpe:/a:mozilla:seamonkey:2.11:beta6", "cpe:/a:mozilla:seamonkey:2.2:beta2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:seamonkey:2.9:beta1", "cpe:/a:mozilla:seamonkey:2.1:alpha2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.5:beta1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:2.11:beta5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:seamonkey:2.16:beta3", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:seamonkey:2.11:beta4", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:17.0", "cpe:/a:mozilla:firefox:3.6.24", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.14:beta4", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:seamonkey:1.0::alpha", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:2.2:beta3", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:seamonkey:2.16:beta5", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:seamonkey:2.15:beta1", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:4.0:beta5", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:thunderbird:16.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:seamonkey:2.5:beta2", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:thunderbird:17.0.2", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:seamonkey:2.1:beta1", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:4.0:beta2", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:thunderbird:1.0.5:beta", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:seamonkey:2.4:beta2", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.12:beta2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:seamonkey:2.8:beta3", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:firefox:4.0:beta11", "cpe:/a:mozilla:seamonkey:2.13:beta6", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:firefox:17.0", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:seamonkey:2.15.1", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:seamonkey:2.8:beta6", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:4.0:beta3", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:2.16:beta4", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.14.1", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:seamonkey:2.10:beta2", "cpe:/a:mozilla:seamonkey:2.3:beta1", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:1.1.5:1.1.10", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:firefox:18.0.1", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:thunderbird:16.0", "cpe:/a:mozilla:seamonkey:2.8:beta5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:18.0.2", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:seamonkey:2.9:beta4", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:seamonkey:2.15:beta6", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:seamonkey:2.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:16.0.1", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:seamonkey:2.8:beta4", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:seamonkey:2.13:beta3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:seamonkey:2.14:beta2", "cpe:/a:mozilla:thunderbird:16.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:seamonkey:2.8:beta1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:seamonkey:2.5:beta3", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.12:beta6", "cpe:/a:mozilla:firefox:16.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:seamonkey:2.15:beta4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:seamonkey:2.13:beta5", "cpe:/a:mozilla:firefox:4.0:beta9", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.14:beta3", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:seamonkey:2.6:beta2", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:seamonkey:2.12:beta4", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:seamonkey:2.4:beta3", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:seamonkey:2.7:beta1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:seamonkey:2.1:rc1", "cpe:/a:mozilla:seamonkey:2.6:beta1", "cpe:/a:mozilla:seamonkey:2.10:beta3", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:2.6:beta4", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:12.0:beta6", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:seamonkey:2.10:beta1", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:seamonkey:2.7:beta3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:2.16:beta2", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:firefox:4.0:beta1", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13", "cpe:/a:mozilla:thunderbird:13.0.1"], "modified": "2017-09-18T21:35:47", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0765", "id": "CVE-2013-0765", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-09-19T13:38:36", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=809652", "http://www.ubuntu.com/usn/USN-1748-1", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-24.html", "http://www.debian.org/security/2013/dsa-2699", "http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html", "http://www.ubuntu.com/usn/USN-1729-2", "http://www.ubuntu.com/usn/USN-1729-1"], "edition": 2, "description": "The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote attackers to obtain sensitive information from chrome objects or possibly execute arbitrary JavaScript code with chrome privileges via a crafted web site.", "reporter": "NVD", "published": "2013-02-19T18:55:01", "title": "CVE-2013-0773", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:16861", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16861"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-0773"], "scanner": [], "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:seamonkey:2.1:beta2", "cpe:/a:mozilla:firefox:4.0:beta7", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.9:beta3", "cpe:/a:mozilla:seamonkey:2.1:alpha3", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:4.0:beta10", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:seamonkey:2.4:beta1", "cpe:/a:mozilla:thunderbird:3.1.16", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:18.0", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:seamonkey:2.12:beta5", "cpe:/a:mozilla:seamonkey:2.14:beta1", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:16.0.2", "cpe:/a:mozilla:seamonkey:2.11:beta1", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:2.13:beta4", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:2.1:alpha1", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:2.12:beta1", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.14:beta5", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:2.15:beta3", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:2.15.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.1:beta3", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:2.11:beta3", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.7:beta2", "cpe:/a:mozilla:seamonkey:2.13.2", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:4.0:beta6", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:seamonkey:2.7:beta4", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:seamonkey:2.15:beta5", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:seamonkey:2.13.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:seamonkey:2.3:beta2", "cpe:/a:mozilla:seamonkey:2.5:beta4", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:seamonkey:2.7:beta5", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:seamonkey:2.13:beta1", "cpe:/a:mozilla:seamonkey:2.11:beta2", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:seamonkey:2.12:beta3", "cpe:/a:mozilla:seamonkey:2.15:beta2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:seamonkey:2.1:rc2", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:4.0:beta12", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:seamonkey:2.9:beta2", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:seamonkey:2.6:beta3", "cpe:/a:mozilla:firefox:4.0:beta4", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.2:beta1", "cpe:/a:mozilla:firefox:4.0:beta8", "cpe:/a:mozilla:seamonkey:2.8:beta2", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:seamonkey:2.13:beta2", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:2.16:beta1", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:firefox:17.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.3:beta3", "cpe:/a:mozilla:seamonkey:2.15", "cpe:/a:mozilla:seamonkey:2.11:beta6", "cpe:/a:mozilla:seamonkey:2.2:beta2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:seamonkey:2.9:beta1", "cpe:/a:mozilla:seamonkey:2.1:alpha2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.5:beta1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:2.11:beta5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:seamonkey:2.16:beta3", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:seamonkey:2.11:beta4", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:17.0", "cpe:/a:mozilla:firefox:3.6.24", "cpe:/a:mozilla:thunderbird_esr:17.0", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.14:beta4", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:2.2:beta3", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:seamonkey:2.16:beta5", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:seamonkey:2.15:beta1", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:4.0:beta5", "cpe:/a:mozilla:firefox_esr:17.0.2", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:thunderbird:16.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:seamonkey:2.5:beta2", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:thunderbird:17.0.2", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:seamonkey:2.1:beta1", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:4.0:beta2", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:thunderbird:1.0.5:beta", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:seamonkey:2.4:beta2", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.12:beta2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:seamonkey:2.8:beta3", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:firefox:4.0:beta11", "cpe:/a:mozilla:seamonkey:2.13:beta6", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:firefox:17.0", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:seamonkey:2.15.1", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:seamonkey:2.8:beta6", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:4.0:beta3", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:2.16:beta4", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.14.1", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:seamonkey:2.10:beta2", "cpe:/a:mozilla:seamonkey:2.3:beta1", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:firefox:18.0.1", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:thunderbird:16.0", "cpe:/a:mozilla:seamonkey:2.8:beta5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:18.0.2", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:seamonkey:2.9:beta4", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:seamonkey:2.15:beta6", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:seamonkey:2.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:16.0.1", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:seamonkey:2.8:beta4", "cpe:/a:mozilla:firefox_esr:17.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:seamonkey:2.13:beta3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:seamonkey:2.14:beta2", "cpe:/a:mozilla:thunderbird:16.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:seamonkey:2.8:beta1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:seamonkey:2.5:beta3", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.12:beta6", "cpe:/a:mozilla:firefox:16.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:seamonkey:2.15:beta4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:seamonkey:2.13:beta5", "cpe:/a:mozilla:firefox:4.0:beta9", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.14:beta3", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:seamonkey:2.6:beta2", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:seamonkey:2.12:beta4", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:seamonkey:2.4:beta3", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:seamonkey:2.7:beta1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:seamonkey:2.1:rc1", "cpe:/a:mozilla:seamonkey:2.6:beta1", "cpe:/a:mozilla:seamonkey:2.10:beta3", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:2.6:beta4", "cpe:/a:mozilla:thunderbird_esr:17.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:12.0:beta6", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:seamonkey:2.10:beta1", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:firefox_esr:17.0.1", "cpe:/a:mozilla:seamonkey:2.7:beta3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:2.16:beta2", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:firefox:4.0:beta1", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13", "cpe:/a:mozilla:thunderbird:13.0.1"], "modified": "2017-09-18T21:35:48", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0773", "id": "CVE-2013-0773", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:38:37", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=812380", "http://rhn.redhat.com/errata/RHSA-2013-0272.html", "http://www.ubuntu.com/usn/USN-1748-1", "http://rhn.redhat.com/errata/RHSA-2013-0271.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=822858", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=832162", "http://www.debian.org/security/2013/dsa-2699", "https://bugzilla.mozilla.org/show_bug.cgi?id=690970", "http://www.mozilla.org/security/announce/2013/mfsa2013-21.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=830975", "http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html", "https://bugzilla.mozilla.org/show_bug.cgi?id=761448", "http://www.ubuntu.com/usn/USN-1729-2", "http://www.ubuntu.com/usn/USN-1729-1", "https://bugzilla.mozilla.org/show_bug.cgi?id=780549", "https://bugzilla.mozilla.org/show_bug.cgi?id=818241", "https://bugzilla.mozilla.org/show_bug.cgi?id=826471", "https://bugzilla.mozilla.org/show_bug.cgi?id=830399"], "edition": 2, "description": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.", "reporter": "NVD", "published": "2013-02-19T18:55:01", "title": "CVE-2013-0783", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:16219", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16219"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-0783"], "scanner": [], "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:seamonkey:2.1:beta2", "cpe:/a:mozilla:firefox:4.0:beta7", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.9:beta3", "cpe:/a:mozilla:seamonkey:2.1:alpha3", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:4.0:beta10", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:seamonkey:2.4:beta1", "cpe:/a:mozilla:thunderbird:3.1.16", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:18.0", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:seamonkey:2.12:beta5", "cpe:/a:mozilla:seamonkey:2.14:beta1", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:16.0.2", "cpe:/a:mozilla:seamonkey:2.11:beta1", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:2.13:beta4", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:2.1:alpha1", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:2.12:beta1", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.14:beta5", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:2.15:beta3", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:2.15.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:1.0::dev", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.1:beta3", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:2.11:beta3", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0a1::pre", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.7:beta2", "cpe:/a:mozilla:seamonkey:2.13.2", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:4.0:beta6", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:seamonkey:2.7:beta4", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:seamonkey:1.0::beta", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:seamonkey:2.15:beta5", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:seamonkey:2.13.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:seamonkey:2.3:beta2", "cpe:/a:mozilla:seamonkey:2.5:beta4", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:seamonkey:2.7:beta5", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:seamonkey:2.13:beta1", "cpe:/a:mozilla:seamonkey:2.11:beta2", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:seamonkey:2.12:beta3", "cpe:/a:mozilla:seamonkey:2.15:beta2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:seamonkey:2.1:rc2", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:4.0:beta12", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:seamonkey:2.9:beta2", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:seamonkey:2.6:beta3", "cpe:/a:mozilla:firefox:4.0:beta4", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.2:beta1", "cpe:/a:mozilla:firefox:4.0:beta8", "cpe:/a:mozilla:seamonkey:2.8:beta2", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:seamonkey:2.13:beta2", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:2.16:beta1", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:firefox:17.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.3:beta3", "cpe:/a:mozilla:seamonkey:2.15", "cpe:/a:mozilla:seamonkey:2.11:beta6", "cpe:/a:mozilla:seamonkey:2.2:beta2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:seamonkey:2.9:beta1", "cpe:/a:mozilla:seamonkey:2.1:alpha2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.5:beta1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:2.11:beta5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:seamonkey:2.16:beta3", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:seamonkey:2.11:beta4", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:17.0", "cpe:/a:mozilla:firefox:3.6.24", "cpe:/a:mozilla:thunderbird_esr:17.0", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.14:beta4", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:seamonkey:1.0::alpha", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:2.2:beta3", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:seamonkey:2.16:beta5", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:seamonkey:2.15:beta1", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:4.0:beta5", "cpe:/a:mozilla:firefox_esr:17.0.2", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:thunderbird:16.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:seamonkey:2.5:beta2", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:thunderbird:17.0.2", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:seamonkey:2.1:beta1", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:4.0:beta2", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:thunderbird:1.0.5:beta", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:seamonkey:2.4:beta2", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.12:beta2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:seamonkey:2.8:beta3", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:firefox:4.0:beta11", "cpe:/a:mozilla:seamonkey:2.13:beta6", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:firefox:17.0", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:seamonkey:2.15.1", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:seamonkey:2.8:beta6", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:4.0:beta3", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:2.16:beta4", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.14.1", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:seamonkey:2.10:beta2", "cpe:/a:mozilla:seamonkey:2.3:beta1", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:1.1.5:1.1.10", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:firefox:18.0.1", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:thunderbird:16.0", "cpe:/a:mozilla:seamonkey:2.8:beta5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:18.0.2", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:seamonkey:2.9:beta4", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:seamonkey:2.15:beta6", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:seamonkey:2.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:16.0.1", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:seamonkey:2.8:beta4", "cpe:/a:mozilla:firefox_esr:17.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:seamonkey:2.13:beta3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:seamonkey:2.14:beta2", "cpe:/a:mozilla:thunderbird:16.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:seamonkey:2.8:beta1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:seamonkey:2.5:beta3", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.12:beta6", "cpe:/a:mozilla:firefox:16.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:seamonkey:2.15:beta4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:seamonkey:2.13:beta5", "cpe:/a:mozilla:firefox:4.0:beta9", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.14:beta3", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:seamonkey:2.6:beta2", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:seamonkey:2.12:beta4", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:seamonkey:2.4:beta3", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:seamonkey:2.7:beta1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:seamonkey:2.1:rc1", "cpe:/a:mozilla:seamonkey:2.6:beta1", "cpe:/a:mozilla:seamonkey:2.10:beta3", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:2.6:beta4", "cpe:/a:mozilla:thunderbird_esr:17.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:12.0:beta6", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:seamonkey:2.10:beta1", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:firefox_esr:17.0.1", "cpe:/a:mozilla:seamonkey:2.7:beta3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:2.16:beta2", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:firefox:4.0:beta1", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13", "cpe:/a:mozilla:thunderbird:13.0.1"], "modified": "2017-09-18T21:35:50", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0783", "id": "CVE-2013-0783", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:38:36", "references": ["http://www.ubuntu.com/usn/USN-1748-1", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html", "http://www.ubuntu.com/usn/USN-1729-2", "http://www.ubuntu.com/usn/USN-1729-1", "https://bugzilla.mozilla.org/show_bug.cgi?id=801330", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html"], "edition": 2, "description": "The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors.", "reporter": "NVD", "published": "2013-02-19T18:55:01", "title": "CVE-2013-0779", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:16747", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16747"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-0779"], "scanner": [], "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:seamonkey:2.1:beta2", "cpe:/a:mozilla:firefox:4.0:beta7", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.9:beta3", "cpe:/a:mozilla:seamonkey:2.1:alpha3", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:4.0:beta10", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:seamonkey:2.4:beta1", "cpe:/a:mozilla:thunderbird:3.1.16", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:18.0", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:seamonkey:2.12:beta5", "cpe:/a:mozilla:seamonkey:2.14:beta1", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:16.0.2", "cpe:/a:mozilla:seamonkey:2.11:beta1", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:2.13:beta4", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:2.1:alpha1", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:2.12:beta1", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.14:beta5", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:2.15:beta3", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:2.15.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:1.0::dev", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.1:beta3", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:2.11:beta3", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0a1::pre", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.7:beta2", "cpe:/a:mozilla:seamonkey:2.13.2", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:4.0:beta6", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:seamonkey:2.7:beta4", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:seamonkey:1.0::beta", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:seamonkey:2.15:beta5", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:seamonkey:2.13.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:seamonkey:2.3:beta2", "cpe:/a:mozilla:seamonkey:2.5:beta4", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:seamonkey:2.7:beta5", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:seamonkey:2.13:beta1", "cpe:/a:mozilla:seamonkey:2.11:beta2", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:seamonkey:2.12:beta3", "cpe:/a:mozilla:seamonkey:2.15:beta2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:seamonkey:2.1:rc2", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:4.0:beta12", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:seamonkey:2.9:beta2", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:seamonkey:2.6:beta3", "cpe:/a:mozilla:firefox:4.0:beta4", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.2:beta1", "cpe:/a:mozilla:firefox:4.0:beta8", "cpe:/a:mozilla:seamonkey:2.8:beta2", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:seamonkey:2.13:beta2", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:2.16:beta1", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:firefox:17.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.3:beta3", "cpe:/a:mozilla:seamonkey:2.15", "cpe:/a:mozilla:seamonkey:2.11:beta6", "cpe:/a:mozilla:seamonkey:2.2:beta2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:seamonkey:2.9:beta1", "cpe:/a:mozilla:seamonkey:2.1:alpha2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.5:beta1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:2.11:beta5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:seamonkey:2.16:beta3", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:seamonkey:2.11:beta4", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:17.0", "cpe:/a:mozilla:firefox:3.6.24", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.14:beta4", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:seamonkey:1.0::alpha", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:2.2:beta3", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:seamonkey:2.16:beta5", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:seamonkey:2.15:beta1", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:4.0:beta5", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:thunderbird:16.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:seamonkey:2.5:beta2", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:thunderbird:17.0.2", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:seamonkey:2.1:beta1", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:4.0:beta2", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:thunderbird:1.0.5:beta", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:seamonkey:2.4:beta2", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.12:beta2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:seamonkey:2.8:beta3", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:firefox:4.0:beta11", "cpe:/a:mozilla:seamonkey:2.13:beta6", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:firefox:17.0", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:seamonkey:2.15.1", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:seamonkey:2.8:beta6", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:4.0:beta3", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:2.16:beta4", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.14.1", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:seamonkey:2.10:beta2", "cpe:/a:mozilla:seamonkey:2.3:beta1", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:1.1.5:1.1.10", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:firefox:18.0.1", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:thunderbird:16.0", "cpe:/a:mozilla:seamonkey:2.8:beta5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:18.0.2", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:seamonkey:2.9:beta4", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:seamonkey:2.15:beta6", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:seamonkey:2.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:16.0.1", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:seamonkey:2.8:beta4", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:seamonkey:2.13:beta3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:seamonkey:2.14:beta2", "cpe:/a:mozilla:thunderbird:16.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:seamonkey:2.8:beta1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:seamonkey:2.5:beta3", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.12:beta6", "cpe:/a:mozilla:firefox:16.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:seamonkey:2.15:beta4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:seamonkey:2.13:beta5", "cpe:/a:mozilla:firefox:4.0:beta9", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.14:beta3", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:seamonkey:2.6:beta2", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:seamonkey:2.12:beta4", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:seamonkey:2.4:beta3", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:seamonkey:2.7:beta1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:seamonkey:2.1:rc1", "cpe:/a:mozilla:seamonkey:2.6:beta1", "cpe:/a:mozilla:seamonkey:2.10:beta3", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:2.6:beta4", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:12.0:beta6", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:seamonkey:2.10:beta1", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:seamonkey:2.7:beta3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:2.16:beta2", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:firefox:4.0:beta1", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13", "cpe:/a:mozilla:thunderbird:13.0.1"], "modified": "2017-09-18T21:35:49", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0779", "id": "CVE-2013-0779", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:38:37", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=827070", "http://rhn.redhat.com/errata/RHSA-2013-0272.html", "http://www.ubuntu.com/usn/USN-1748-1", "http://rhn.redhat.com/errata/RHSA-2013-0271.html", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "http://www.debian.org/security/2013/dsa-2699", "http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html", "http://www.ubuntu.com/usn/USN-1729-2", "http://www.ubuntu.com/usn/USN-1729-1", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html"], "edition": 2, "description": "Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via unspecified vectors.", "reporter": "NVD", "published": "2013-02-19T18:55:01", "title": "CVE-2013-0782", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:16906", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16906"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-0782"], "scanner": [], "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:seamonkey:2.1:beta2", "cpe:/a:mozilla:firefox:4.0:beta7", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.9:beta3", "cpe:/a:mozilla:seamonkey:2.1:alpha3", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:4.0:beta10", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:seamonkey:2.4:beta1", "cpe:/a:mozilla:thunderbird:3.1.16", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:18.0", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:seamonkey:2.12:beta5", "cpe:/a:mozilla:seamonkey:2.14:beta1", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:16.0.2", "cpe:/a:mozilla:seamonkey:2.11:beta1", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:2.13:beta4", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:2.1:alpha1", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:2.12:beta1", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.14:beta5", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:2.15:beta3", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:2.15.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:1.0::dev", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.1:beta3", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:2.11:beta3", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0a1::pre", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.7:beta2", "cpe:/a:mozilla:seamonkey:2.13.2", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:4.0:beta6", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:seamonkey:2.7:beta4", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:seamonkey:1.0::beta", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:seamonkey:2.15:beta5", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:seamonkey:2.13.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:seamonkey:2.3:beta2", "cpe:/a:mozilla:seamonkey:2.5:beta4", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:seamonkey:2.7:beta5", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:seamonkey:2.13:beta1", "cpe:/a:mozilla:seamonkey:2.11:beta2", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:seamonkey:2.12:beta3", "cpe:/a:mozilla:seamonkey:2.15:beta2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:seamonkey:2.1:rc2", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:4.0:beta12", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:seamonkey:2.9:beta2", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:seamonkey:2.6:beta3", "cpe:/a:mozilla:firefox:4.0:beta4", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.2:beta1", "cpe:/a:mozilla:firefox:4.0:beta8", "cpe:/a:mozilla:seamonkey:2.8:beta2", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:seamonkey:2.13:beta2", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:2.16:beta1", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:firefox:17.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.3:beta3", "cpe:/a:mozilla:seamonkey:2.15", "cpe:/a:mozilla:seamonkey:2.11:beta6", "cpe:/a:mozilla:seamonkey:2.2:beta2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:seamonkey:2.9:beta1", "cpe:/a:mozilla:seamonkey:2.1:alpha2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.5:beta1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:2.11:beta5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:seamonkey:2.16:beta3", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:seamonkey:2.11:beta4", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:17.0", "cpe:/a:mozilla:firefox:3.6.24", "cpe:/a:mozilla:thunderbird_esr:17.0", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.14:beta4", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:seamonkey:1.0::alpha", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:2.2:beta3", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:seamonkey:2.16:beta5", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:seamonkey:2.15:beta1", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:4.0:beta5", "cpe:/a:mozilla:firefox_esr:17.0.2", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:thunderbird:16.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:seamonkey:2.5:beta2", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:thunderbird:17.0.2", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:seamonkey:2.1:beta1", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:4.0:beta2", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:thunderbird:1.0.5:beta", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:seamonkey:2.4:beta2", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.12:beta2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:seamonkey:2.8:beta3", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:firefox:4.0:beta11", "cpe:/a:mozilla:seamonkey:2.13:beta6", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:firefox:17.0", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:seamonkey:2.15.1", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:seamonkey:2.8:beta6", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:4.0:beta3", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:2.16:beta4", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.14.1", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:seamonkey:2.10:beta2", "cpe:/a:mozilla:seamonkey:2.3:beta1", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:1.1.5:1.1.10", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:firefox:18.0.1", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:thunderbird:16.0", "cpe:/a:mozilla:seamonkey:2.8:beta5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:18.0.2", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:seamonkey:2.9:beta4", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:seamonkey:2.15:beta6", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:seamonkey:2.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:16.0.1", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:seamonkey:2.8:beta4", "cpe:/a:mozilla:firefox_esr:17.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:seamonkey:2.13:beta3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:seamonkey:2.14:beta2", "cpe:/a:mozilla:thunderbird:16.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:seamonkey:2.8:beta1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:seamonkey:2.5:beta3", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.12:beta6", "cpe:/a:mozilla:firefox:16.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:seamonkey:2.15:beta4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:seamonkey:2.13:beta5", "cpe:/a:mozilla:firefox:4.0:beta9", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.14:beta3", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:seamonkey:2.6:beta2", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:seamonkey:2.12:beta4", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:seamonkey:2.4:beta3", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:seamonkey:2.7:beta1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:seamonkey:2.1:rc1", "cpe:/a:mozilla:seamonkey:2.6:beta1", "cpe:/a:mozilla:seamonkey:2.10:beta3", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:2.6:beta4", "cpe:/a:mozilla:thunderbird_esr:17.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:12.0:beta6", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:seamonkey:2.10:beta1", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:firefox_esr:17.0.1", "cpe:/a:mozilla:seamonkey:2.7:beta3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:2.16:beta2", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:firefox:4.0:beta1", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13", "cpe:/a:mozilla:thunderbird:13.0.1"], "modified": "2017-09-18T21:35:50", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0782", "id": "CVE-2013-0782", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:38:37", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=821991", "http://www.ubuntu.com/usn/USN-1748-1", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html", "http://www.ubuntu.com/usn/USN-1729-2", "http://www.ubuntu.com/usn/USN-1729-1", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html"], "edition": 2, "description": "Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.", "reporter": "NVD", "published": "2013-02-19T18:55:01", "title": "CVE-2013-0781", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:16934", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16934"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-0781"], "scanner": [], "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:seamonkey:2.1:beta2", "cpe:/a:mozilla:firefox:4.0:beta7", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.9:beta3", "cpe:/a:mozilla:seamonkey:2.1:alpha3", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:4.0:beta10", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:seamonkey:2.4:beta1", "cpe:/a:mozilla:thunderbird:3.1.16", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:18.0", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:seamonkey:2.12:beta5", "cpe:/a:mozilla:seamonkey:2.14:beta1", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:16.0.2", "cpe:/a:mozilla:seamonkey:2.11:beta1", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:2.13:beta4", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:2.1:alpha1", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:2.12:beta1", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.14:beta5", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:2.15:beta3", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:2.15.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:1.0::dev", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.1:beta3", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:2.11:beta3", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0a1::pre", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.7:beta2", "cpe:/a:mozilla:seamonkey:2.13.2", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:4.0:beta6", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:seamonkey:2.7:beta4", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:seamonkey:1.0::beta", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:seamonkey:2.15:beta5", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:seamonkey:2.13.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:seamonkey:2.3:beta2", "cpe:/a:mozilla:seamonkey:2.5:beta4", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:seamonkey:2.7:beta5", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:seamonkey:2.13:beta1", "cpe:/a:mozilla:seamonkey:2.11:beta2", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:seamonkey:2.12:beta3", "cpe:/a:mozilla:seamonkey:2.15:beta2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:seamonkey:2.1:rc2", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:4.0:beta12", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:seamonkey:2.9:beta2", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:seamonkey:2.6:beta3", "cpe:/a:mozilla:firefox:4.0:beta4", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.2:beta1", "cpe:/a:mozilla:firefox:4.0:beta8", "cpe:/a:mozilla:seamonkey:2.8:beta2", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:seamonkey:2.13:beta2", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:2.16:beta1", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:firefox:17.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.3:beta3", "cpe:/a:mozilla:seamonkey:2.15", "cpe:/a:mozilla:seamonkey:2.11:beta6", "cpe:/a:mozilla:seamonkey:2.2:beta2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:seamonkey:2.9:beta1", "cpe:/a:mozilla:seamonkey:2.1:alpha2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.5:beta1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:2.11:beta5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:seamonkey:2.16:beta3", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:seamonkey:2.11:beta4", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:17.0", "cpe:/a:mozilla:firefox:3.6.24", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.14:beta4", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:seamonkey:1.0::alpha", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:2.2:beta3", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:seamonkey:2.16:beta5", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:seamonkey:2.15:beta1", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:4.0:beta5", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:thunderbird:16.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:seamonkey:2.5:beta2", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:thunderbird:17.0.2", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:seamonkey:2.1:beta1", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:4.0:beta2", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:thunderbird:1.0.5:beta", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:seamonkey:2.4:beta2", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.12:beta2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:seamonkey:2.8:beta3", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:firefox:4.0:beta11", "cpe:/a:mozilla:seamonkey:2.13:beta6", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:firefox:17.0", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:seamonkey:2.15.1", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:seamonkey:2.8:beta6", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:4.0:beta3", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:2.16:beta4", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.14.1", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:seamonkey:2.10:beta2", "cpe:/a:mozilla:seamonkey:2.3:beta1", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:1.1.5:1.1.10", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:firefox:18.0.1", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:thunderbird:16.0", "cpe:/a:mozilla:seamonkey:2.8:beta5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:18.0.2", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:seamonkey:2.9:beta4", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:seamonkey:2.15:beta6", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:seamonkey:2.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:16.0.1", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:seamonkey:2.8:beta4", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:seamonkey:2.13:beta3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:seamonkey:2.14:beta2", "cpe:/a:mozilla:thunderbird:16.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:seamonkey:2.8:beta1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:seamonkey:2.5:beta3", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.12:beta6", "cpe:/a:mozilla:firefox:16.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:seamonkey:2.15:beta4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:seamonkey:2.13:beta5", "cpe:/a:mozilla:firefox:4.0:beta9", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.14:beta3", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:seamonkey:2.6:beta2", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:seamonkey:2.12:beta4", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:seamonkey:2.4:beta3", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:seamonkey:2.7:beta1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:seamonkey:2.1:rc1", "cpe:/a:mozilla:seamonkey:2.6:beta1", "cpe:/a:mozilla:seamonkey:2.10:beta3", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:2.6:beta4", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:12.0:beta6", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:seamonkey:2.10:beta1", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:seamonkey:2.7:beta3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:2.16:beta2", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:firefox:4.0:beta1", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13", "cpe:/a:mozilla:thunderbird:13.0.1"], "modified": "2017-09-18T21:35:49", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0781", "id": "CVE-2013-0781", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:38:36", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=812893", "http://rhn.redhat.com/errata/RHSA-2013-0272.html", "http://www.ubuntu.com/usn/USN-1748-1", "http://rhn.redhat.com/errata/RHSA-2013-0271.html", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "http://www.debian.org/security/2013/dsa-2699", "http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html", "http://www.ubuntu.com/usn/USN-1729-2", "http://www.ubuntu.com/usn/USN-1729-1", "http://www.mozilla.org/security/announce/2013/mfsa2013-28.html"], "edition": 2, "description": "Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document that uses Cascading Style Sheets (CSS) -moz-column-* properties.", "reporter": "NVD", "published": "2013-02-19T18:55:01", "title": "CVE-2013-0780", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:16383", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16383"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-0780"], "scanner": [], "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:seamonkey:2.1:beta2", "cpe:/a:mozilla:firefox:4.0:beta7", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.9:beta3", "cpe:/a:mozilla:seamonkey:2.1:alpha3", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:4.0:beta10", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:seamonkey:2.4:beta1", "cpe:/a:mozilla:thunderbird:3.1.16", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:18.0", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:seamonkey:2.12:beta5", "cpe:/a:mozilla:seamonkey:2.14:beta1", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:16.0.2", "cpe:/a:mozilla:seamonkey:2.11:beta1", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:2.13:beta4", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:2.1:alpha1", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:2.12:beta1", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.14:beta5", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:2.15:beta3", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:2.15.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:1.0::dev", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.1:beta3", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:2.11:beta3", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0a1::pre", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.7:beta2", "cpe:/a:mozilla:seamonkey:2.13.2", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:4.0:beta6", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:seamonkey:2.7:beta4", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:seamonkey:1.0::beta", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:seamonkey:2.15:beta5", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:seamonkey:2.13.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:seamonkey:2.3:beta2", "cpe:/a:mozilla:seamonkey:2.5:beta4", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:seamonkey:2.7:beta5", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:seamonkey:2.13:beta1", "cpe:/a:mozilla:seamonkey:2.11:beta2", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:seamonkey:2.12:beta3", "cpe:/a:mozilla:seamonkey:2.15:beta2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:seamonkey:2.1:rc2", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:4.0:beta12", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:seamonkey:2.9:beta2", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:seamonkey:2.6:beta3", "cpe:/a:mozilla:firefox:4.0:beta4", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.2:beta1", "cpe:/a:mozilla:firefox:4.0:beta8", "cpe:/a:mozilla:seamonkey:2.8:beta2", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:seamonkey:2.13:beta2", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:2.16:beta1", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:firefox:17.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.3:beta3", "cpe:/a:mozilla:seamonkey:2.15", "cpe:/a:mozilla:seamonkey:2.11:beta6", "cpe:/a:mozilla:seamonkey:2.2:beta2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:seamonkey:2.9:beta1", "cpe:/a:mozilla:seamonkey:2.1:alpha2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.5:beta1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:2.11:beta5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:seamonkey:2.16:beta3", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:seamonkey:2.11:beta4", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:17.0", "cpe:/a:mozilla:firefox:3.6.24", "cpe:/a:mozilla:thunderbird_esr:17.0", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.14:beta4", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:seamonkey:1.0::alpha", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:2.2:beta3", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:seamonkey:2.16:beta5", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:seamonkey:2.15:beta1", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:4.0:beta5", "cpe:/a:mozilla:firefox_esr:17.0.2", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:thunderbird:16.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:seamonkey:2.5:beta2", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:thunderbird:17.0.2", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:seamonkey:2.1:beta1", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:4.0:beta2", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:thunderbird:1.0.5:beta", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:seamonkey:2.4:beta2", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.12:beta2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:seamonkey:2.8:beta3", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:firefox:4.0:beta11", "cpe:/a:mozilla:seamonkey:2.13:beta6", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:firefox:17.0", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:seamonkey:2.15.1", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:seamonkey:2.8:beta6", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:4.0:beta3", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:2.16:beta4", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.14.1", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:seamonkey:2.10:beta2", "cpe:/a:mozilla:seamonkey:2.3:beta1", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:1.1.5:1.1.10", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:firefox:18.0.1", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:thunderbird:16.0", "cpe:/a:mozilla:seamonkey:2.8:beta5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:18.0.2", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:seamonkey:2.9:beta4", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:seamonkey:2.15:beta6", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:seamonkey:2.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:16.0.1", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:seamonkey:2.8:beta4", "cpe:/a:mozilla:firefox_esr:17.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:seamonkey:2.13:beta3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:seamonkey:2.14:beta2", "cpe:/a:mozilla:thunderbird:16.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:seamonkey:2.8:beta1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:seamonkey:2.5:beta3", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.12:beta6", "cpe:/a:mozilla:firefox:16.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:seamonkey:2.15:beta4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:seamonkey:2.13:beta5", "cpe:/a:mozilla:firefox:4.0:beta9", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.14:beta3", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:seamonkey:2.6:beta2", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:seamonkey:2.12:beta4", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:seamonkey:2.4:beta3", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:seamonkey:2.7:beta1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:seamonkey:2.1:rc1", "cpe:/a:mozilla:seamonkey:2.6:beta1", "cpe:/a:mozilla:seamonkey:2.10:beta3", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:2.6:beta4", "cpe:/a:mozilla:thunderbird_esr:17.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:12.0:beta6", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:seamonkey:2.10:beta1", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:firefox_esr:17.0.1", "cpe:/a:mozilla:seamonkey:2.7:beta3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:2.16:beta2", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:firefox:4.0:beta1", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13", "cpe:/a:mozilla:thunderbird:13.0.1"], "modified": "2017-09-18T21:35:49", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0780", "id": "CVE-2013-0780", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:38:36", "references": ["http://www.ubuntu.com/usn/USN-1748-1", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html", "http://www.mozilla.org/security/announce/2013/mfsa2013-25.html", "http://www.ubuntu.com/usn/USN-1729-2", "http://www.ubuntu.com/usn/USN-1729-1", "https://bugzilla.mozilla.org/show_bug.cgi?id=827193"], "edition": 2, "description": "Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent JavaScript workers from reading the browser-profile directory name, which has unspecified impact and remote attack vectors.", "reporter": "NVD", "published": "2013-02-19T18:55:01", "title": "CVE-2013-0774", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:16797", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16797"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-0774"], "scanner": [], "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:seamonkey:2.1:beta2", "cpe:/a:mozilla:firefox:4.0:beta7", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.9:beta3", "cpe:/a:mozilla:seamonkey:2.1:alpha3", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:4.0:beta10", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:seamonkey:2.4:beta1", "cpe:/a:mozilla:thunderbird:3.1.16", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:18.0", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:seamonkey:2.12:beta5", "cpe:/a:mozilla:seamonkey:2.14:beta1", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:16.0.2", "cpe:/a:mozilla:seamonkey:2.11:beta1", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:2.13:beta4", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:2.1:alpha1", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:2.12:beta1", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.14:beta5", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:2.15:beta3", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:2.15.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:1.0::dev", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.1:beta3", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:2.11:beta3", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0a1::pre", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.7:beta2", "cpe:/a:mozilla:seamonkey:2.13.2", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:4.0:beta6", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:seamonkey:2.7:beta4", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:seamonkey:1.0::beta", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:seamonkey:2.15:beta5", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:seamonkey:2.13.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:seamonkey:2.3:beta2", "cpe:/a:mozilla:seamonkey:2.5:beta4", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:seamonkey:2.7:beta5", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:seamonkey:2.13:beta1", "cpe:/a:mozilla:seamonkey:2.11:beta2", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:seamonkey:2.12:beta3", "cpe:/a:mozilla:seamonkey:2.15:beta2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:seamonkey:2.1:rc2", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:4.0:beta12", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:seamonkey:2.9:beta2", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:seamonkey:2.6:beta3", "cpe:/a:mozilla:firefox:4.0:beta4", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.2:beta1", "cpe:/a:mozilla:firefox:4.0:beta8", "cpe:/a:mozilla:seamonkey:2.8:beta2", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:seamonkey:2.13:beta2", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:2.16:beta1", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:firefox:17.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.3:beta3", "cpe:/a:mozilla:seamonkey:2.15", "cpe:/a:mozilla:seamonkey:2.11:beta6", "cpe:/a:mozilla:seamonkey:2.2:beta2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:seamonkey:2.9:beta1", "cpe:/a:mozilla:seamonkey:2.1:alpha2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.5:beta1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:2.11:beta5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:seamonkey:2.16:beta3", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:seamonkey:2.11:beta4", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:17.0", "cpe:/a:mozilla:firefox:3.6.24", "cpe:/a:mozilla:thunderbird_esr:17.0", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.14:beta4", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:seamonkey:1.0::alpha", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:2.2:beta3", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:seamonkey:2.16:beta5", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:seamonkey:2.15:beta1", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:4.0:beta5", "cpe:/a:mozilla:firefox_esr:17.0.2", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:thunderbird:16.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:seamonkey:2.5:beta2", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:thunderbird:17.0.2", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:seamonkey:2.1:beta1", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:4.0:beta2", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:thunderbird:1.0.5:beta", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:seamonkey:2.4:beta2", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.12:beta2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:seamonkey:2.8:beta3", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:firefox:4.0:beta11", "cpe:/a:mozilla:seamonkey:2.13:beta6", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:firefox:17.0", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:seamonkey:2.15.1", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:seamonkey:2.8:beta6", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:4.0:beta3", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:2.16:beta4", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.14.1", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:seamonkey:2.10:beta2", "cpe:/a:mozilla:seamonkey:2.3:beta1", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:1.1.5:1.1.10", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:firefox:18.0.1", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:thunderbird:16.0", "cpe:/a:mozilla:seamonkey:2.8:beta5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:18.0.2", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:seamonkey:2.9:beta4", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:seamonkey:2.15:beta6", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:seamonkey:2.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:16.0.1", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:seamonkey:2.8:beta4", "cpe:/a:mozilla:firefox_esr:17.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:seamonkey:2.13:beta3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:seamonkey:2.14:beta2", "cpe:/a:mozilla:thunderbird:16.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:seamonkey:2.8:beta1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:seamonkey:2.5:beta3", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.12:beta6", "cpe:/a:mozilla:firefox:16.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:seamonkey:2.15:beta4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:seamonkey:2.13:beta5", "cpe:/a:mozilla:firefox:4.0:beta9", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.14:beta3", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:seamonkey:2.6:beta2", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:seamonkey:2.12:beta4", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:seamonkey:2.4:beta3", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:seamonkey:2.7:beta1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:seamonkey:2.1:rc1", "cpe:/a:mozilla:seamonkey:2.6:beta1", "cpe:/a:mozilla:seamonkey:2.10:beta3", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:2.6:beta4", "cpe:/a:mozilla:thunderbird_esr:17.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:12.0:beta6", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:seamonkey:2.10:beta1", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:firefox_esr:17.0.1", "cpe:/a:mozilla:seamonkey:2.7:beta3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:2.16:beta2", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:firefox:4.0:beta1", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13", "cpe:/a:mozilla:thunderbird:13.0.1"], "modified": "2017-09-18T21:35:49", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0774", "id": "CVE-2013-0774", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-09-19T13:38:36", "references": ["https://bugzilla.mozilla.org/show_bug.cgi?id=831095", "http://rhn.redhat.com/errata/RHSA-2013-0272.html", "http://www.ubuntu.com/usn/USN-1748-1", "http://www.mozilla.org/security/announce/2013/mfsa2013-26.html", "http://rhn.redhat.com/errata/RHSA-2013-0271.html", "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html", "http://www.debian.org/security/2013/dsa-2699", "http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html", "http://www.ubuntu.com/usn/USN-1729-2", "http://www.ubuntu.com/usn/USN-1729-1"], "edition": 2, "description": "Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code via crafted web script.", "reporter": "NVD", "published": "2013-02-19T18:55:01", "title": "CVE-2013-0775", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:16950", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16950"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2013-0775"], "scanner": [], "cpe": ["cpe:/a:mozilla:thunderbird:2.0.0.11", "cpe:/a:mozilla:thunderbird:11.0", "cpe:/a:mozilla:seamonkey:1.0.8", "cpe:/a:mozilla:firefox:2.0.0.9", "cpe:/a:mozilla:thunderbird:1.5.0.10", "cpe:/a:mozilla:thunderbird:3.0.6", "cpe:/a:mozilla:firefox:3.0.2", "cpe:/a:mozilla:seamonkey:2.1:beta2", "cpe:/a:mozilla:firefox:4.0:beta7", "cpe:/a:mozilla:firefox:3.5.6", "cpe:/a:mozilla:firefox:1.5.0.3", "cpe:/a:mozilla:thunderbird:3.0.2", "cpe:/a:mozilla:seamonkey:2.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.3", "cpe:/a:mozilla:seamonkey:1.0.99", "cpe:/a:mozilla:seamonkey:2.0", "cpe:/a:mozilla:thunderbird:2.0.0.9", "cpe:/a:mozilla:firefox:1.5.0.2", "cpe:/a:mozilla:firefox:2.0.0.14", "cpe:/a:mozilla:firefox:3.5.12", "cpe:/a:mozilla:seamonkey:2.0.7", "cpe:/a:mozilla:seamonkey:2.9:beta3", "cpe:/a:mozilla:seamonkey:2.1:alpha3", "cpe:/a:mozilla:seamonkey:2.7.1", "cpe:/a:mozilla:firefox:4.0:beta10", "cpe:/a:mozilla:firefox:3.5.14", "cpe:/a:mozilla:firefox:3.6.20", "cpe:/a:mozilla:firefox:2.0.0.18", "cpe:/a:mozilla:seamonkey:2.4:beta1", "cpe:/a:mozilla:thunderbird:3.1.16", "cpe:/a:mozilla:firefox:2.0.0.8", "cpe:/a:mozilla:firefox:18.0", "cpe:/a:mozilla:thunderbird:0.7", "cpe:/a:mozilla:seamonkey:2.12:beta5", "cpe:/a:mozilla:seamonkey:2.14:beta1", "cpe:/a:mozilla:thunderbird:3.1.11", "cpe:/a:mozilla:firefox:8.0", "cpe:/a:mozilla:thunderbird:3.0", "cpe:/a:mozilla:firefox:3.0.12", "cpe:/a:mozilla:firefox:16.0.2", "cpe:/a:mozilla:seamonkey:2.11:beta1", "cpe:/a:mozilla:thunderbird:10.0.3", "cpe:/a:mozilla:seamonkey:2.13:beta4", "cpe:/a:mozilla:firefox:0.4", "cpe:/a:mozilla:firefox:1.5.1", "cpe:/a:mozilla:firefox:1.5.4", "cpe:/a:mozilla:seamonkey:2.1:alpha1", "cpe:/a:mozilla:seamonkey:1.1.17", "cpe:/a:mozilla:seamonkey:1.0.2", "cpe:/a:mozilla:thunderbird:1.5:beta2", "cpe:/a:mozilla:seamonkey:1.1.2", "cpe:/a:mozilla:firefox:2.0.0.13", "cpe:/a:mozilla:seamonkey:2.12:beta1", "cpe:/a:mozilla:seamonkey:1.5.0.10", "cpe:/a:mozilla:seamonkey:1.1.18", "cpe:/a:mozilla:seamonkey:2.14:beta5", "cpe:/a:mozilla:seamonkey:2.0:beta_2", "cpe:/a:mozilla:seamonkey:2.15:beta3", "cpe:/a:mozilla:thunderbird:2.0.0.21", "cpe:/a:mozilla:seamonkey:1.1:beta", "cpe:/a:mozilla:thunderbird:7.0", "cpe:/a:mozilla:seamonkey:2.0.3", "cpe:/a:mozilla:seamonkey:2.15.2", "cpe:/a:mozilla:seamonkey:1.0", "cpe:/a:mozilla:seamonkey:1.0::dev", "cpe:/a:mozilla:firefox:0.5", "cpe:/a:mozilla:seamonkey:2.1:beta3", "cpe:/a:mozilla:seamonkey:2.0:beta_1", "cpe:/a:mozilla:firefox:4.0.1", "cpe:/a:mozilla:seamonkey:2.11:beta3", "cpe:/a:mozilla:firefox:10.0", "cpe:/a:mozilla:firefox:3.5.3", "cpe:/a:mozilla:seamonkey:1.5.0.9", "cpe:/a:mozilla:firefox:2.0.0.3", "cpe:/a:mozilla:thunderbird:1.0.8", "cpe:/a:mozilla:firefox:8.0.1", "cpe:/a:mozilla:seamonkey:2.0a1::pre", "cpe:/a:mozilla:seamonkey:2.0.11", "cpe:/a:mozilla:seamonkey:2.7:beta2", "cpe:/a:mozilla:seamonkey:2.13.2", "cpe:/a:mozilla:thunderbird:3.1.6", "cpe:/a:mozilla:firefox:2.0.0.2", "cpe:/a:mozilla:firefox:1.5.0.1", "cpe:/a:mozilla:firefox:3.6.12", "cpe:/a:mozilla:firefox:3.6.7", "cpe:/a:mozilla:firefox:3.6.2", "cpe:/a:mozilla:firefox:4.0:beta6", "cpe:/a:mozilla:seamonkey:2.3", "cpe:/a:mozilla:seamonkey:2.7:beta4", "cpe:/a:mozilla:firefox:2.0.0.12", "cpe:/a:mozilla:seamonkey:1.0::beta", "cpe:/a:mozilla:firefox:3.5.13", "cpe:/a:mozilla:thunderbird:3.0.7", "cpe:/a:mozilla:seamonkey:2.15:beta5", "cpe:/a:mozilla:firefox:3.0.4", "cpe:/a:mozilla:firefox:3.6.17", "cpe:/a:mozilla:seamonkey:2.13.1", "cpe:/a:mozilla:firefox:0.8", "cpe:/a:mozilla:firefox:5.0.1", "cpe:/a:mozilla:seamonkey:1.0.9", "cpe:/a:mozilla:seamonkey:2.4.1", "cpe:/a:mozilla:firefox:7.0", "cpe:/a:mozilla:firefox:10.0.1", "cpe:/a:mozilla:seamonkey:2.8", "cpe:/a:mozilla:firefox:3.0.14", "cpe:/a:mozilla:firefox:14.0.1", "cpe:/a:mozilla:seamonkey:2.3:beta2", "cpe:/a:mozilla:seamonkey:2.5:beta4", "cpe:/a:mozilla:firefox:3.6.4", "cpe:/a:mozilla:thunderbird:10.0.4", "cpe:/a:mozilla:firefox:1.5.7", "cpe:/a:mozilla:thunderbird:1.0.4", "cpe:/a:mozilla:seamonkey:2.7:beta5", "cpe:/a:mozilla:firefox:3.6.19", "cpe:/a:mozilla:thunderbird:2.0.0.22", "cpe:/a:mozilla:seamonkey:2.13:beta1", "cpe:/a:mozilla:seamonkey:2.11:beta2", "cpe:/a:mozilla:firefox:1.0.5", "cpe:/a:mozilla:firefox:9.0", "cpe:/a:mozilla:thunderbird:2.0.0.12", "cpe:/a:mozilla:thunderbird:1.5.0.2", "cpe:/a:mozilla:seamonkey:2.12:beta3", "cpe:/a:mozilla:seamonkey:2.15:beta2", "cpe:/a:mozilla:thunderbird:1.7.1", "cpe:/a:mozilla:firefox:2.0.0.17", "cpe:/a:mozilla:thunderbird:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.1.15", "cpe:/a:mozilla:seamonkey:2.1:rc2", "cpe:/a:mozilla:firefox:0.10.1", "cpe:/a:mozilla:firefox:14.0", "cpe:/a:mozilla:seamonkey:2.7.2", "cpe:/a:mozilla:thunderbird:10.0", "cpe:/a:mozilla:firefox:2.0", "cpe:/a:mozilla:firefox:4.0:beta12", "cpe:/a:mozilla:thunderbird:1.5.0.4", "cpe:/a:mozilla:firefox:1.0:preview_release", "cpe:/a:mozilla:seamonkey:2.9:beta2", "cpe:/a:mozilla:thunderbird:3.0.10", "cpe:/a:mozilla:firefox:1.0", "cpe:/a:mozilla:firefox:6.0.1", "cpe:/a:mozilla:firefox:2.0.0.20", "cpe:/a:mozilla:thunderbird:3.1", "cpe:/a:mozilla:firefox:1.5:beta1", "cpe:/a:mozilla:seamonkey:2.6:beta3", "cpe:/a:mozilla:firefox:4.0:beta4", "cpe:/a:mozilla:thunderbird:15.0.1", "cpe:/a:mozilla:firefox:1.0.3", "cpe:/a:mozilla:seamonkey:2.12", "cpe:/a:mozilla:firefox:2.0.0.10", "cpe:/a:mozilla:seamonkey:1.1.9", "cpe:/a:mozilla:thunderbird:1.5.0.6", "cpe:/a:mozilla:seamonkey:2.2:beta1", "cpe:/a:mozilla:firefox:4.0:beta8", "cpe:/a:mozilla:seamonkey:2.8:beta2", "cpe:/a:mozilla:seamonkey:2.0:rc1", "cpe:/a:mozilla:thunderbird:1.0", "cpe:/a:mozilla:firefox:1.8", "cpe:/a:mozilla:seamonkey:2.13:beta2", "cpe:/a:mozilla:firefox:1.5.0.5", "cpe:/a:mozilla:firefox:1.5.0.12", "cpe:/a:mozilla:seamonkey:2.16:beta1", "cpe:/a:mozilla:thunderbird:1.0.1", "cpe:/a:mozilla:firefox:17.0.1", "cpe:/a:mozilla:thunderbird:10.0.1", "cpe:/a:mozilla:seamonkey:1.1.10", "cpe:/a:mozilla:firefox:3.5.5", "cpe:/a:mozilla:firefox:3.0.5", "cpe:/a:mozilla:seamonkey:1.1.12", "cpe:/a:mozilla:thunderbird:1.5.2", "cpe:/a:mozilla:firefox:3.6", "cpe:/a:mozilla:thunderbird:3.1.3", "cpe:/a:mozilla:firefox:11.0", "cpe:/a:mozilla:firefox:4.0", "cpe:/a:mozilla:thunderbird:1.5.0.1", "cpe:/a:mozilla:firefox:0.9.2", "cpe:/a:mozilla:thunderbird:6.0.2", "cpe:/a:mozilla:firefox:1.5.6", "cpe:/a:mozilla:seamonkey:2.3:beta3", "cpe:/a:mozilla:seamonkey:2.15", "cpe:/a:mozilla:seamonkey:2.11:beta6", "cpe:/a:mozilla:seamonkey:2.2:beta2", "cpe:/a:mozilla:seamonkey:2.0.8", "cpe:/a:mozilla:firefox:1.5:beta2", "cpe:/a:mozilla:seamonkey:2.9:beta1", "cpe:/a:mozilla:seamonkey:2.1:alpha2", "cpe:/a:mozilla:firefox:1.0.4", "cpe:/a:mozilla:seamonkey:1.1.6", "cpe:/a:mozilla:thunderbird:3.0.3", "cpe:/a:mozilla:thunderbird:0.4", "cpe:/a:mozilla:firefox:2.0.0.7", "cpe:/a:mozilla:firefox:3.5.1", "cpe:/a:mozilla:seamonkey:2.5:beta1", "cpe:/a:mozilla:seamonkey:2.0:rc2", "cpe:/a:mozilla:firefox:3.5.7", "cpe:/a:mozilla:thunderbird:2.0.0.23", "cpe:/a:mozilla:firefox:1.0.7", "cpe:/a:mozilla:seamonkey:1.1.5", "cpe:/a:mozilla:firefox:1.0.6", "cpe:/a:mozilla:seamonkey:1.1:alpha", "cpe:/a:mozilla:thunderbird:0.7.2", "cpe:/a:mozilla:firefox:9.0.1", "cpe:/a:mozilla:firefox:3.0.9", "cpe:/a:mozilla:firefox:3.6.8", "cpe:/a:mozilla:firefox:1.0.1", "cpe:/a:mozilla:seamonkey:2.4", "cpe:/a:mozilla:seamonkey:2.11:beta5", "cpe:/a:mozilla:seamonkey:1.1.4", "cpe:/a:mozilla:firefox:7.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.19", "cpe:/a:mozilla:thunderbird:3.0.8", "cpe:/a:mozilla:seamonkey:2.6", "cpe:/a:mozilla:seamonkey:2.16:beta3", "cpe:/a:mozilla:thunderbird:0.6", "cpe:/a:mozilla:thunderbird:3.1.14", "cpe:/a:mozilla:firefox:2.0.0.15", "cpe:/a:mozilla:seamonkey:2.0.4", "cpe:/a:mozilla:firefox:3.6.3", "cpe:/a:mozilla:firefox:3.6.23", "cpe:/a:mozilla:thunderbird:2.0.0.7", "cpe:/a:mozilla:seamonkey:2.11:beta4", "cpe:/a:mozilla:thunderbird:3.1.1", "cpe:/a:mozilla:firefox:3.6.9", "cpe:/a:mozilla:thunderbird:17.0", "cpe:/a:mozilla:firefox:3.6.24", "cpe:/a:mozilla:thunderbird_esr:17.0", "cpe:/a:mozilla:firefox:3.5", "cpe:/a:mozilla:firefox:1.5.0.10", "cpe:/a:mozilla:seamonkey:2.14:beta4", "cpe:/a:mozilla:seamonkey:2.0:alpha_3", "cpe:/a:mozilla:seamonkey:2.12.1", "cpe:/a:mozilla:thunderbird:9.0.1", "cpe:/a:mozilla:seamonkey:1.0::alpha", "cpe:/a:mozilla:thunderbird:3.1.2", "cpe:/a:mozilla:thunderbird:2.0.0.2", "cpe:/a:mozilla:thunderbird:9.0", "cpe:/a:mozilla:seamonkey:2.0.14", "cpe:/a:mozilla:thunderbird:1.5.0.13", "cpe:/a:mozilla:seamonkey:2.5", "cpe:/a:mozilla:thunderbird:7.0.1", "cpe:/a:mozilla:seamonkey:2.2:beta3", "cpe:/a:mozilla:firefox:15.0", "cpe:/a:mozilla:thunderbird:0.8", "cpe:/a:mozilla:seamonkey:2.16:beta5", "cpe:/a:mozilla:firefox:1.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.5", "cpe:/a:mozilla:seamonkey:1.0.6", "cpe:/a:mozilla:thunderbird:11.0.1", "cpe:/a:mozilla:seamonkey:2.3.3", "cpe:/a:mozilla:firefox:3.0.16", "cpe:/a:mozilla:seamonkey:2.15:beta1", "cpe:/a:mozilla:firefox:1.5.8", "cpe:/a:mozilla:firefox:4.0:beta5", "cpe:/a:mozilla:firefox_esr:17.0.2", "cpe:/a:mozilla:firefox:6.0.2", "cpe:/a:mozilla:thunderbird:2.0.0.13", "cpe:/a:mozilla:thunderbird:6.0", "cpe:/a:mozilla:seamonkey:2.0.2", "cpe:/a:mozilla:thunderbird:16.0.2", "cpe:/a:mozilla:firefox:3.0.13", "cpe:/a:mozilla:thunderbird:2.0.0.20", "cpe:/a:mozilla:firefox:0.10", "cpe:/a:mozilla:seamonkey:2.5:beta2", "cpe:/a:mozilla:seamonkey:2.9", "cpe:/a:mozilla:firefox:0.9.1", "cpe:/a:mozilla:seamonkey:1.0.4", "cpe:/a:mozilla:seamonkey:2.0.13", "cpe:/a:mozilla:thunderbird:17.0.2", "cpe:/a:mozilla:firefox:0.6", "cpe:/a:mozilla:firefox:13.0", "cpe:/a:mozilla:seamonkey:2.7", "cpe:/a:mozilla:seamonkey:2.1:beta1", "cpe:/a:mozilla:seamonkey:1.0.5", "cpe:/a:mozilla:thunderbird:0.7.1", "cpe:/a:mozilla:firefox:3.6.22", "cpe:/a:mozilla:firefox:4.0:beta2", "cpe:/a:mozilla:seamonkey:1.0:alpha", "cpe:/a:mozilla:firefox:1.5.5", "cpe:/a:mozilla:thunderbird:10.0.2", "cpe:/a:mozilla:seamonkey:2.10.1", "cpe:/a:mozilla:thunderbird:1.0.5:beta", "cpe:/a:mozilla:firefox:3.0.11", "cpe:/a:mozilla:seamonkey:2.4:beta2", "cpe:/a:mozilla:firefox:1.5.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.12", "cpe:/a:mozilla:firefox:2.0.0.1", "cpe:/a:mozilla:thunderbird:8.0", "cpe:/a:mozilla:firefox:1.5.0.9", "cpe:/a:mozilla:seamonkey:1.0.7", "cpe:/a:mozilla:thunderbird:2.0.0.3", "cpe:/a:mozilla:firefox:1.5.2", "cpe:/a:mozilla:seamonkey:2.12:beta2", "cpe:/a:mozilla:seamonkey:2.13", "cpe:/a:mozilla:seamonkey:2.0:alpha_1", "cpe:/a:mozilla:firefox:12.0", "cpe:/a:mozilla:seamonkey:1.1.11", "cpe:/a:mozilla:firefox:3.6.16", "cpe:/a:mozilla:seamonkey:2.10", "cpe:/a:mozilla:seamonkey:1.1.3", "cpe:/a:mozilla:thunderbird:3.0.4", "cpe:/a:mozilla:thunderbird:3.1.12", "cpe:/a:mozilla:seamonkey:2.8:beta3", "cpe:/a:mozilla:firefox:3.6.25", "cpe:/a:mozilla:thunderbird:0.7.3", "cpe:/a:mozilla:firefox:1.5.0.11", "cpe:/a:mozilla:thunderbird:1.0.5", "cpe:/a:mozilla:firefox:4.0:beta11", "cpe:/a:mozilla:seamonkey:2.13:beta6", "cpe:/a:mozilla:thunderbird:3.1.17", "cpe:/a:mozilla:firefox:17.0", "cpe:/a:mozilla:thunderbird:1.0.6", "cpe:/a:mozilla:thunderbird:1.5.0.8", "cpe:/a:mozilla:seamonkey:2.15.1", "cpe:/a:mozilla:thunderbird:6.0.1", "cpe:/a:mozilla:firefox:3.0.3", "cpe:/a:mozilla:seamonkey:2.8:beta6", "cpe:/a:mozilla:firefox:1.5.0.6", "cpe:/a:mozilla:thunderbird:2.0", "cpe:/a:mozilla:firefox:4.0:beta3", "cpe:/a:mozilla:firefox:2.0.0.6", "cpe:/a:mozilla:thunderbird:2.0.0.1", "cpe:/a:mozilla:firefox:2.0.0.5", "cpe:/a:mozilla:firefox:1.5", "cpe:/a:mozilla:firefox:15.0.1", "cpe:/a:mozilla:firefox:3.0.6", "cpe:/a:mozilla:seamonkey:2.16:beta4", "cpe:/a:mozilla:seamonkey:1.1.1", "cpe:/a:mozilla:firefox:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.14.1", "cpe:/a:mozilla:thunderbird:13.0", "cpe:/a:mozilla:seamonkey:1.1.7", "cpe:/a:mozilla:thunderbird:1.5.0.14", "cpe:/a:mozilla:seamonkey:2.10:beta2", "cpe:/a:mozilla:seamonkey:2.3:beta1", "cpe:/a:mozilla:thunderbird:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5", "cpe:/a:mozilla:firefox:6.0", "cpe:/a:mozilla:seamonkey:2.0.9", "cpe:/a:mozilla:seamonkey:1.1.5:1.1.10", "cpe:/a:mozilla:firefox:3.6.21", "cpe:/a:mozilla:thunderbird:3.1.5", "cpe:/a:mozilla:firefox:18.0.1", "cpe:/a:mozilla:seamonkey:2.0.5", "cpe:/a:mozilla:seamonkey:2.0.12", "cpe:/a:mozilla:thunderbird:16.0", "cpe:/a:mozilla:seamonkey:2.8:beta5", "cpe:/a:mozilla:firefox:3.5.8", "cpe:/a:mozilla:firefox:10.0.2", "cpe:/a:mozilla:seamonkey:1.5.0.8", "cpe:/a:mozilla:firefox:0.9:rc", "cpe:/a:mozilla:thunderbird:3.1.13", "cpe:/a:mozilla:firefox:18.0.2", "cpe:/a:mozilla:firefox:5.0", "cpe:/a:mozilla:thunderbird:2.0.0.0", "cpe:/a:mozilla:seamonkey:2.9:beta4", "cpe:/a:mozilla:thunderbird:3.0.5", "cpe:/a:mozilla:seamonkey:2.15:beta6", "cpe:/a:mozilla:firefox:3.0.15", "cpe:/a:mozilla:seamonkey:2.0a1pre", "cpe:/a:mozilla:firefox:3.0.7", "cpe:/a:mozilla:thunderbird:12.0", "cpe:/a:mozilla:seamonkey:1.1.14", "cpe:/a:mozilla:firefox:0.1", "cpe:/a:mozilla:thunderbird:3.1.8", "cpe:/a:mozilla:seamonkey:2.14", "cpe:/a:mozilla:seamonkey:1.1.16", "cpe:/a:mozilla:seamonkey:2.0:alpha_2", "cpe:/a:mozilla:firefox:16.0.1", "cpe:/a:mozilla:firefox:3.0", "cpe:/a:mozilla:firefox:3.6.15", "cpe:/a:mozilla:thunderbird:3.1.4", "cpe:/a:mozilla:seamonkey:2.8:beta4", "cpe:/a:mozilla:firefox_esr:17.0", "cpe:/a:mozilla:firefox:1.5.3", "cpe:/a:mozilla:seamonkey:2.13:beta3", "cpe:/a:mozilla:firefox:3.5.11", "cpe:/a:mozilla:seamonkey:2.14:beta2", "cpe:/a:mozilla:thunderbird:16.0.1", "cpe:/a:mozilla:thunderbird:2.0.0.17", "cpe:/a:mozilla:seamonkey:2.8:beta1", "cpe:/a:mozilla:thunderbird:1.0.2", "cpe:/a:mozilla:seamonkey:2.9.1", "cpe:/a:mozilla:seamonkey:2.5:beta3", "cpe:/a:mozilla:thunderbird:5.0", "cpe:/a:mozilla:seamonkey:2.12:beta6", "cpe:/a:mozilla:firefox:16.0", "cpe:/a:mozilla:thunderbird:3.1.10", "cpe:/a:mozilla:firefox:3.0.10", "cpe:/a:mozilla:thunderbird:0.5", "cpe:/a:mozilla:seamonkey:2.15:beta4", "cpe:/a:mozilla:firefox:3.6.11", "cpe:/a:mozilla:thunderbird:14.0", "cpe:/a:mozilla:firefox:3.0.8", "cpe:/a:mozilla:seamonkey:2.13:beta5", "cpe:/a:mozilla:firefox:4.0:beta9", "cpe:/a:mozilla:firefox:1.0.8", "cpe:/a:mozilla:thunderbird:3.0.9", "cpe:/a:mozilla:firefox:1.5.0.8", "cpe:/a:mozilla:firefox:3.0.1", "cpe:/a:mozilla:firefox:0.9", "cpe:/a:mozilla:seamonkey:2.2", "cpe:/a:mozilla:seamonkey:1.0.1", "cpe:/a:mozilla:seamonkey:1.0:beta", "cpe:/a:mozilla:firefox:3.5.15", "cpe:/a:mozilla:firefox:3.6.13", "cpe:/a:mozilla:firefox:3.5.4", "cpe:/a:mozilla:thunderbird:3.0.1", "cpe:/a:mozilla:seamonkey:1.0.3", "cpe:/a:mozilla:thunderbird:1.5.1", "cpe:/a:mozilla:seamonkey:2.0.10", "cpe:/a:mozilla:firefox:3.5.9", "cpe:/a:mozilla:firefox:3.6.10", "cpe:/a:mozilla:seamonkey:1.1", "cpe:/a:mozilla:seamonkey:2.3.1", "cpe:/a:mozilla:seamonkey:2.14:beta3", "cpe:/a:mozilla:thunderbird:3.1.15", "cpe:/a:mozilla:thunderbird:1.0.7", "cpe:/a:mozilla:thunderbird:3.0.11", "cpe:/a:mozilla:seamonkey:2.3.2", "cpe:/a:mozilla:firefox:3.5.2", "cpe:/a:mozilla:thunderbird:3.1.9", "cpe:/a:mozilla:firefox:2.0.0.16", "cpe:/a:mozilla:thunderbird:15.0", "cpe:/a:mozilla:seamonkey:2.6:beta2", "cpe:/a:mozilla:thunderbird:0.2", "cpe:/a:mozilla:thunderbird:1.5.0.5", "cpe:/a:mozilla:seamonkey:2.12:beta4", "cpe:/a:mozilla:firefox:3.5.10", "cpe:/a:mozilla:firefox:0.2", "cpe:/a:mozilla:thunderbird:12.0.1", "cpe:/a:mozilla:seamonkey:2.4:beta3", "cpe:/a:mozilla:firefox:0.7", "cpe:/a:mozilla:seamonkey:2.7:beta1", "cpe:/a:mozilla:firefox:3.6.6", "cpe:/a:mozilla:seamonkey:1.1.19", "cpe:/a:mozilla:firefox:1.4.1", "cpe:/a:mozilla:thunderbird:2.0.0.16", "cpe:/a:mozilla:firefox:13.0.1", "cpe:/a:mozilla:firefox:2.0.0.19", "cpe:/a:mozilla:firefox:3.0.17", "cpe:/a:mozilla:thunderbird:3.1.7", "cpe:/a:mozilla:firefox:0.7.1", "cpe:/a:mozilla:seamonkey:2.1:rc1", "cpe:/a:mozilla:seamonkey:2.6:beta1", "cpe:/a:mozilla:seamonkey:2.10:beta3", "cpe:/a:mozilla:thunderbird:1.5.0.11", "cpe:/a:mozilla:seamonkey:2.6.1", "cpe:/a:mozilla:thunderbird:0.1", "cpe:/a:mozilla:firefox:2.0.0.11", "cpe:/a:mozilla:thunderbird:2.0.0.14", "cpe:/a:mozilla:firefox:2.0.0.4", "cpe:/a:mozilla:thunderbird:1.5.0.7", "cpe:/a:mozilla:seamonkey:2.11", "cpe:/a:mozilla:seamonkey:2.0.1", "cpe:/a:mozilla:seamonkey:2.6:beta4", "cpe:/a:mozilla:thunderbird_esr:17.0.1", "cpe:/a:mozilla:firefox:0.6.1", "cpe:/a:mozilla:thunderbird:0.9", "cpe:/a:mozilla:firefox:0.9.3", "cpe:/a:mozilla:firefox:12.0:beta6", "cpe:/a:mozilla:thunderbird:2.0.0.15", "cpe:/a:mozilla:thunderbird:2.0.0.8", "cpe:/a:mozilla:thunderbird:1.7.3", "cpe:/a:mozilla:seamonkey:2.10:beta1", "cpe:/a:mozilla:firefox:3.6.14", "cpe:/a:mozilla:thunderbird:1.0.3", "cpe:/a:mozilla:firefox_esr:17.0.1", "cpe:/a:mozilla:seamonkey:2.7:beta3", "cpe:/a:mozilla:firefox:0.3", "cpe:/a:mozilla:seamonkey:2.16:beta2", "cpe:/a:mozilla:thunderbird:2.0.0.18", "cpe:/a:mozilla:seamonkey:1.1.8", "cpe:/a:mozilla:thunderbird:0.3", "cpe:/a:mozilla:thunderbird:2.0.0.6", "cpe:/a:mozilla:firefox:3.6.18", "cpe:/a:mozilla:firefox:4.0:beta1", "cpe:/a:mozilla:seamonkey:2.1", "cpe:/a:mozilla:seamonkey:1.1.13", "cpe:/a:mozilla:thunderbird:13.0.1"], "modified": "2017-09-18T21:35:49", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0775", "id": "CVE-2013-0775", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-18T13:50:01", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "7", "packageVersion": "17.0.6esr-1~deb7u1", "arch": "all", "packageFilename": "iceweasel_17.0.6esr-1~deb7u1_all.deb", "packageName": "iceweasel", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2699-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJune 02, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : iceweasel\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2013-0773 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 \n CVE-2013-0782 CVE-2013-0783 CVE-2013-0787 CVE-2013-0788 \n CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800 \n CVE-2013-0801 CVE-2013-1670 CVE-2013-1674 CVE-2013-1675\n CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679\n CVE-2013-1680 CVE-2013-1681\n\nMultiple security issues have been found in Iceweasel, Debian's version \nof the Mozilla Firefox web browser: Multiple memory safety errors, \nmissing input sanitising vulnerabilities, use-after-free vulnerabilities, \nbuffer overflows and other programming errors may lead to the execution \nof arbitrary code, privilege escalation, information leaks or \ncross-site-scripting.\n\nWe're changing the approach for security updates for Iceweasel, Icedove \nand Iceape in stable-security: Instead of backporting security fixes, \nwe now provide releases based on the Extended Support Release branch. As \nsuch, this update introduces packages based on Firefox 17 and at some \npoint in the future we will switch to the next ESR branch once ESR 17 \nhas reached it's end of life.\n\nSome Xul extensions currently packaged in the Debian archive are not\ncompatible with the new browser engine. Up-to-date and compatible \nversions can be retrieved from http://addons.mozilla.org as a short \nterm solution. A solution to keep packaged extensions compatible with \nthe Mozilla releases is still being sorted out.\n\nWe don't have the resources to backport security fixes to the Iceweasel \nrelease in oldstable-security any longer. If you're up to the task and \nwant to help, please get in touch with team@security.debian.org. \nOtherwise, we'll announce the end of security support for Iceweasel, \nIcedove and Iceape in Squeeze in the next update round.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 17.0.6esr-1~deb7u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 17.0.6esr-1.\n\nWe recommend that you upgrade your iceweasel packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "reporter": "Debian", "published": "2013-06-02T16:37:52", "title": "[SECURITY] [DSA 2699-1] iceweasel security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:50:01", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-1678", "CVE-2013-0783", "CVE-2013-1670", "CVE-2013-0787", "CVE-2013-1680", "CVE-2013-0780", "CVE-2013-0795", "CVE-2013-1679", "CVE-2013-0796", "CVE-2013-0782", "CVE-2013-0800", "CVE-2013-1681", "CVE-2013-0773", "CVE-2013-0788", "CVE-2013-0775", "CVE-2013-0801", "CVE-2013-1676", "CVE-2013-1675", "CVE-2013-1674", "CVE-2013-0776", "CVE-2013-1677", "CVE-2013-0793"], "modified": "2013-06-02T16:37:52", "id": "DEBIAN:DSA-2699-1:833C6", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00107.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:05", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1674", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0780", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0799", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1711", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1725", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0754", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1730", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1701", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0744", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0787", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1705", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1692", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0746", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1712", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1717", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0759", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0784", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1736", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1670", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0774", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1679", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1724", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0792", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1713", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0748", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1708", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1728", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0768", "https://bugs.gentoo.org/show_bug.cgi?id=469868", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0745", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0776", "https://bugs.gentoo.org/show_bug.cgi?id=458390", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1671", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0778", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0760", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1693", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0782", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0797", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1737", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0777", "https://bugs.gentoo.org/show_bug.cgi?id=460818", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1710", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1702", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1738", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1735", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0763", "https://bugs.gentoo.org/show_bug.cgi?id=450940", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1694", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1722", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1676", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1732", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0772", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0788", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0755", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0795", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1678", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0775", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1707", "https://bugs.gentoo.org/show_bug.cgi?id=479968", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0758", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0756", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1714", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1709", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0765", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0753", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0767", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0752", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1675", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1704", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0793", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0794", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0789", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0771", "https://bugs.gentoo.org/show_bug.cgi?id=464226", "https://bugs.gentoo.org/show_bug.cgi?id=474758", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0770", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1718", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0800", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0791", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0796", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1726", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1723", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1681", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0750", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1680", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1682", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0761", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0781", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1719", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0762", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1677", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1697", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0749", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1690", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0766", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1687", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0769", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0764", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0751", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0747", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0779", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1720", "https://bugs.gentoo.org/show_bug.cgi?id=485258", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0773", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0783", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0801", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1684", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0757"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "2.21", "packageFilename": "UNKNOWN", "packageName": "www-client/seamonkey", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "17.0.9", "packageFilename": "UNKNOWN", "packageName": "mail-client/thunderbird-bin", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "2.21", "packageFilename": "UNKNOWN", "packageName": "www-client/seamonkey-bin", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "17.0.9", "packageFilename": "UNKNOWN", "packageName": "mail-client/thunderbird", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "17.0.9", "packageFilename": "UNKNOWN", "packageName": "www-client/firefox-bin", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "17.0.9", "packageFilename": "UNKNOWN", "packageName": "www-client/firefox", "arch": "all", "operator": "lt"}], "description": "### Background\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the \u2018Mozilla Application Suite\u2019. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, and SeaMonkey. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Further, a remote attacker could conduct XSS attacks, spoof URLs, bypass address space layout randomization, conduct clickjacking attacks, obtain potentially sensitive information, bypass access restrictions, modify the local filesystem, or conduct other unspecified attacks. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Mozilla Firefox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-17.0.9\"\n \n\nAll users of the Mozilla Firefox binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-17.0.9\"\n \n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-17.0.9\"\n \n\nAll users of the Mozilla Thunderbird binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-17.0.9\"\n \n\nAll SeaMonkey users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-2.21\"\n \n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-bin-2.21\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2013-09-27T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "gentoo", "title": "Mozilla Products: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1687", "CVE-2013-1692", "CVE-2013-0797", "CVE-2013-1671", "CVE-2013-1737", "CVE-2013-1709", "CVE-2013-1678", "CVE-2013-0763", "CVE-2013-0777", "CVE-2013-0765", "CVE-2013-0783", "CVE-2013-1670", "CVE-2013-1719", "CVE-2013-1725", "CVE-2013-1735", "CVE-2013-0746", "CVE-2013-0791", "CVE-2013-0766", "CVE-2013-1707", "CVE-2013-1697", "CVE-2013-1705", "CVE-2013-0787", "CVE-2013-0794", "CVE-2013-0747", "CVE-2013-1694", "CVE-2013-1680", "CVE-2013-1724", "CVE-2013-0751", "CVE-2013-0780", "CVE-2013-1732", "CVE-2013-0744", "CVE-2013-0795", "CVE-2013-1720", "CVE-2013-0748", "CVE-2013-1679", "CVE-2013-0778", "CVE-2013-0768", "CVE-2013-0755", "CVE-2013-0752", "CVE-2013-1702", "CVE-2013-0796", "CVE-2013-1723", "CVE-2013-0782", "CVE-2013-1726", "CVE-2013-0800", "CVE-2013-1681", "CVE-2013-0773", "CVE-2013-0754", "CVE-2013-1708", "CVE-2013-1738", "CVE-2013-1712", "CVE-2013-0788", "CVE-2013-1728", "CVE-2013-1730", "CVE-2013-0784", "CVE-2013-1690", "CVE-2013-0775", "CVE-2013-0801", "CVE-2013-1714", "CVE-2013-0769", "CVE-2013-1704", "CVE-2013-0771", "CVE-2013-0757", "CVE-2013-0749", "CVE-2013-0761", "CVE-2013-0779", "CVE-2013-1701", "CVE-2013-1684", "CVE-2013-1676", "CVE-2013-0789", "CVE-2013-0799", "CVE-2013-1675", "CVE-2013-0745", "CVE-2013-0756", "CVE-2013-0760", "CVE-2013-0767", "CVE-2013-1682", "CVE-2013-1674", "CVE-2013-0762", "CVE-2013-0792", "CVE-2013-1713", "CVE-2013-0774", "CVE-2013-0753", "CVE-2013-1736", "CVE-2013-0776", "CVE-2013-1718", "CVE-2013-1717", "CVE-2013-1693", "CVE-2013-0750", "CVE-2013-1677", "CVE-2013-0759", "CVE-2013-0770", "CVE-2013-0793", "CVE-2013-0781", "CVE-2013-0772", "CVE-2013-1722", "CVE-2013-1711", "CVE-2013-1710", "CVE-2013-0758", "CVE-2013-0764"], "modified": "2013-09-27T00:00:00", "id": "GLSA-201309-23", "href": "https://security.gentoo.org/glsa/201309-23", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}