ID SUSE-SU-2012:1426-1 Type suse Reporter Suse Modified 2012-10-31T22:08:42
Description
MozillaFirefox was updated to the 10.0.10ESR security
release.
The following issues have been fixed:
*
MFSA 2012-90: Mozilla has fixed a number of issues
related to the Location object in order to enhance overall
security. Details for each of the current fixed issues are
below.
Thunderbird is only affected by window.location
issues through RSS feeds and extensions that load web
content.
*
CVE-2012-4194: Security researcher Mariusz Mlynski
reported that the true value of window.location could be
shadowed by user content through the use of the valueOf
method, which can be combined with some plugins to perform
a cross-site scripting (XSS) attack on users.
*
CVE-2012-4195: Mozilla security researcher
moz_bug_r_a4 discovered that the CheckURL function in
window.location can be forced to return the wrong calling
document and principal, allowing a cross-site scripting
(XSS) attack. There is also the possibility of gaining
arbitrary code execution if the attacker can take advantage
of an add-on that interacts with the page content.
*
CVE-2012-4196: Security researcher Antoine
Delignat-Lavaud of the PROSECCO research team at INRIA
Paris reported the ability to use property injection by
prototype to bypass security wrapper protections on the
Location object, allowing the cross-origin reading of the
Location object.
{"enchantments": {"score": {"value": 6.8, "vector": "NONE", "modified": "2016-09-04T12:23:43", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-4194", "CVE-2012-4196", "CVE-2012-4195"]}, {"type": "openvas", "idList": ["OPENVAS:881529", "OPENVAS:841200", "OPENVAS:1361412562310881528", "OPENVAS:803627", "OPENVAS:803631", "OPENVAS:881531", "OPENVAS:1361412562310803041", "OPENVAS:870854", "OPENVAS:803041", "OPENVAS:803634"]}, {"type": "nessus", "idList": ["UBUNTU_USN-1620-1.NASL", "OPENSUSE-2012-745.NASL", "MACOSX_THUNDERBIRD_10_0_10.NASL", "SUSE_11_FIREFOX-201210B-121029.NASL", "CENTOS_RHSA-2012-1413.NASL", "MOZILLA_THUNDERBIRD_10010.NASL", "CENTOS_RHSA-2012-1407.NASL", "REDHAT-RHSA-2012-1407.NASL", "SUSE_FIREFOX-201210B-8348.NASL", "SL_20121029_THUNDERBIRD_ON_SL5_X.NASL"]}, {"type": "mozilla", "idList": ["MFSA2012-90"]}, {"type": "ubuntu", "idList": ["USN-1620-2", "USN-1620-1"]}, {"type": "freebsd", "idList": ["6B3B1B97-207C-11E2-A03F-C8600054B392"]}, {"type": "redhat", "idList": ["RHSA-2012:1407", "RHSA-2012:1413"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1407", "ELSA-2012-1413"]}, {"type": "centos", "idList": ["CESA-2012:1413", "CESA-2012:1407"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:1100-1", "OPENSUSE-SU-2012:1412-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12639"]}, {"type": "gentoo", "idList": ["GLSA-201301-01"]}], "modified": "2016-09-04T12:23:43", "rev": 2}, "vulnersScore": 6.8}, "reporter": "Suse", "id": "SUSE-SU-2012:1426-1", "modified": "2012-10-31T22:08:42", "published": "2012-10-31T22:08:42", "bulletinFamily": "unix", "viewCount": 0, "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "affectedPackage": [{"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.2.1.i586.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Desktop", "arch": "i586"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.5.1.i586.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "i586"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.5.2.ia64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "ia64"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.3.1.i586.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server for VMware", "arch": "i586"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.2.1.s390x.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Software Development Kit", "arch": "s390x"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.5.1.i586.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Desktop", "arch": "i586"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.3.1.i586.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server for VMware", "arch": "i586"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.3.1.i586.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "i586"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.2.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Software Development Kit", "arch": "x86_64"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.3.1.ia64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "ia64"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.3.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server for VMware", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.3-0.2.1.ppc64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "ppc64"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.5.1.i586.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Desktop", "arch": "i586"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.5.1.x86_64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.5.1.x86_64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Desktop", "arch": "x86_64"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.3.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Desktop", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.2.1.ia64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Software Development Kit", "arch": "ia64"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.5.2.i586.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "i586"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.5.2.ppc.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "ppc"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.5.1.x86_64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.5.1.ia64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "ia64"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-10.0.10-0.5.2.i586.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SLE SDK", "arch": "i586"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.5.2.i586.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Desktop", "arch": "i586"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.3.1.s390x.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "s390x"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.5.2.i586.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Desktop", "arch": "i586"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.5.2.i586.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "i586"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.3-0.5.1.x86_64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.2.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server for VMware", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.5.1.s390x.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "s390x"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-10.0.10-0.5.2.s390x.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SLE SDK", "arch": "s390x"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.3.1.s390x.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "s390x"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.3.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server for VMware", "arch": "x86_64"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.5.2.s390x.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "s390x"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.2.1.ia64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "ia64"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.5.2.ppc.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "ppc"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.3-0.2.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.3-0.5.1.x86_64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Desktop", "arch": "x86_64"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.3.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.3-0.5.1.s390x.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "s390x"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.5.2.s390x.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "s390x"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.2.1.i586.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "i586"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.2.1.i586.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Software Development Kit", "arch": "i586"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.3.1.i586.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "i586"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.5.1.i586.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "i586"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.3.1.i586.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Desktop", "arch": "i586"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.2.1.i586.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server for VMware", "arch": "i586"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.2.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.2.1.ppc64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "ppc64"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.2.1.s390x.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "s390x"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.5.1.ppc.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "ppc"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-x86", "packageFilename": "mozilla-nspr-x86-4.9.3-0.2.1.ia64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "ia64"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.3-0.2.1.s390x.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "s390x"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-10.0.10-0.5.2.ppc.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SLE SDK", "arch": "ppc"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.3.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Desktop", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.2.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Desktop", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.3-0.2.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Desktop", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-x86", "packageFilename": "mozilla-nspr-x86-4.9.3-0.5.1.ia64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "ia64"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox-branding-upstream", "packageFilename": "MozillaFirefox-branding-upstream-10.0.10-0.5.2.ia64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SLE SDK", "arch": "ia64"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.3.1.ppc64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "ppc64"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.3.1.i586.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Desktop", "arch": "i586"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-devel", "packageFilename": "mozilla-nspr-devel-4.9.3-0.2.1.ppc64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Software Development Kit", "arch": "ppc64"}, {"packageVersion": "10.0.10-0.5.2", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.5.2.ia64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "ia64"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.3.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "x86_64"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.5.1.x86_64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Desktop", "arch": "x86_64"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox", "packageFilename": "MozillaFirefox-10.0.10-0.3.1.ia64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "ia64"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.5.1.s390x.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "s390x"}, {"packageVersion": "10.0.10-0.3.1", "packageName": "MozillaFirefox-translations", "packageFilename": "MozillaFirefox-translations-10.0.10-0.3.1.ppc64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server", "arch": "ppc64"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr-64bit", "packageFilename": "mozilla-nspr-64bit-4.9.3-0.5.1.ppc.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "ppc"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.5.1.ppc.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "ppc"}, {"packageVersion": "4.9.3-0.5.1", "packageName": "mozilla-nspr", "packageFilename": "mozilla-nspr-4.9.3-0.5.1.ia64.rpm", "operator": "lt", "OSVersion": "10.4", "OS": "SUSE Linux Enterprise Server", "arch": "ia64"}, {"packageVersion": "4.9.3-0.2.1", "packageName": "mozilla-nspr-32bit", "packageFilename": "mozilla-nspr-32bit-4.9.3-0.2.1.x86_64.rpm", "operator": "lt", "OSVersion": "11.2", "OS": "SUSE Linux Enterprise Server for VMware", "arch": "x86_64"}], "type": "suse", "references": ["http://download.novell.com/patch/finder/?keywords=a779e3f3d65e3943cbd34d5b913f5501", "http://download.novell.com/patch/finder/?keywords=67c3a0325cfb67cf4cabe8f44fe58645", "https://bugzilla.novell.com/786522"], "description": "MozillaFirefox was updated to the 10.0.10ESR security\n release.\n\n The following issues have been fixed:\n\n *\n\n MFSA 2012-90: Mozilla has fixed a number of issues\n related to the Location object in order to enhance overall\n security. Details for each of the current fixed issues are\n below.\n\n Thunderbird is only affected by window.location\n issues through RSS feeds and extensions that load web\n content.\n\n *\n\n CVE-2012-4194: Security researcher Mariusz Mlynski\n reported that the true value of window.location could be\n shadowed by user content through the use of the valueOf\n method, which can be combined with some plugins to perform\n a cross-site scripting (XSS) attack on users.\n\n *\n\n CVE-2012-4195: Mozilla security researcher\n moz_bug_r_a4 discovered that the CheckURL function in\n window.location can be forced to return the wrong calling\n document and principal, allowing a cross-site scripting\n (XSS) attack. There is also the possibility of gaining\n arbitrary code execution if the attacker can take advantage\n of an add-on that interacts with the page content.\n\n *\n\n CVE-2012-4196: Security researcher Antoine\n Delignat-Lavaud of the PROSECCO research team at INRIA\n Paris reported the ability to use property injection by\n prototype to bypass security wrapper protections on the\n Location object, allowing the cross-origin reading of the\n Location object.\n\n", "title": "Security update for Mozilla Firefox (important)", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00025.html", "lastseen": "2016-09-04T12:23:43", "edition": 1, "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}
{"cve": [{"lastseen": "2020-12-09T19:47:23", "description": "Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object (aka window.location), which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving a plugin.", "edition": 6, "cvss3": {}, "published": "2012-10-29T18:55:00", "title": "CVE-2012-4194", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4194"], "modified": "2020-08-12T17:43:00", "cpe": ["cpe:/o:suse:linux_enterprise_software_development_kit:10", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:opensuse:opensuse:12.1", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_software_development_kit:11", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:opensuse:opensuse:11.4", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:opensuse:opensuse:12.2", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-4194", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4194", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*", "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}, {"lastseen": "2020-12-09T19:47:23", "description": "Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object.", "edition": 6, "cvss3": {}, "published": "2012-10-29T18:55:00", "title": "CVE-2012-4196", "type": "cve", "cwe": ["CWE-74"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4196"], "modified": "2020-08-12T17:45:00", "cpe": ["cpe:/o:suse:linux_enterprise_software_development_kit:10", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:opensuse:opensuse:12.1", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_software_development_kit:11", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:opensuse:opensuse:11.4", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:opensuse:opensuse:12.2", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-4196", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4196", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*", "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}, {"lastseen": "2020-12-09T19:47:23", "description": "The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior.", "edition": 6, "cvss3": {}, "published": "2012-10-29T18:55:00", "title": "CVE-2012-4195", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4195"], "modified": "2020-08-12T14:39:00", "cpe": ["cpe:/o:suse:linux_enterprise_software_development_kit:10", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:opensuse:opensuse:12.1", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:suse:linux_enterprise_software_development_kit:11", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:opensuse:opensuse:11.4", "cpe:/o:redhat:enterprise_linux_eus:6.3", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:opensuse:opensuse:12.2", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:suse:linux_enterprise_desktop:11", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2012-4195", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4195", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*", "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}], "ubuntu": [{"lastseen": "2020-08-13T19:55:45", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "USN-1620-1 fixed vulnerabilities in Firefox. This update provides the \ncorresponding updates for Thunderbird. Please note that Thunderbird is only \naffected by window.location issues through RSS feeds and extensions that \nload web content.\n\nOriginal advisory details:\n\nMariusz Mlynski and others discovered several flaws in Firefox that allowed \na remote attacker to conduct cross-site scripting (XSS) attacks. \n(CVE-2012-4194, CVE-2012-4195)\n\nAntoine Delignat-Lavaud discovered a flaw in the way Firefox handled the \nLocation object. If a user were tricked into opening a specially crafted \npage, a remote attacker could exploit this to bypass security protections \nand perform cross-origin reading of the Location object. (CVE-2012-4196)", "edition": 7, "modified": "2012-10-30T00:00:00", "published": "2012-10-30T00:00:00", "id": "USN-1620-2", "href": "https://ubuntu.com/security/notices/USN-1620-2", "title": "Thunderbird vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-08-13T19:54:59", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "Mariusz Mlynski and others discovered several flaws in Firefox that allowed \na remote attacker to conduct cross-site scripting (XSS) attacks. \n(CVE-2012-4194, CVE-2012-4195)\n\nAntoine Delignat-Lavaud discovered a flaw in the way Firefox handled the \nLocation object. If a user were tricked into opening a specially crafted \npage, a remote attacker could exploit this to bypass security protections \nand perform cross-origin reading of the Location object. (CVE-2012-4196)", "edition": 6, "modified": "2012-10-26T00:00:00", "published": "2012-10-26T00:00:00", "id": "USN-1620-1", "href": "https://ubuntu.com/security/notices/USN-1620-1", "title": "Firefox vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "mozilla": [{"lastseen": "2016-09-05T13:37:51", "bulletinFamily": "software", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "Mozilla has fixed a number of issues related to the Location object in order to enhance overall security. Details for each of the current fixed issues are below.\n\n\nThunderbird is only affected by window.location issues through RSS feeds and extensions that load web content.\nSecurity researcher Mariusz Mlynski reported that the true value of window.location could be shadowed by user content through the use of the valueOf method, which can be combined with some plugins to perform a cross-site scripting (XSS) attack on users.", "edition": 1, "modified": "2012-10-26T00:00:00", "published": "2012-10-26T00:00:00", "id": "MFSA2012-90", "href": "http://www.mozilla.org/en-US/security/advisories/mfsa2012-90/", "type": "mozilla", "title": "Fixes for Location object issues", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2020-08-13T19:40:17", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1413\n\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nMultiple flaws were found in the location object implementation in\nThunderbird. Malicious content could be used to perform cross-site\nscripting attacks, bypass the same-origin policy, or cause Thunderbird to\nexecute arbitrary code. (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and Antoine\nDelignat-Lavaud as the original reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially-crafted HTML mail message as JavaScript is disabled by default\nfor mail messages. They could be exploited another way in Thunderbird, for\nexample, when viewing the full remote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.10 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/031000.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/031001.html\n\n**Affected packages:**\nthunderbird\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1413.html", "edition": 4, "modified": "2012-10-30T10:46:18", "published": "2012-10-30T03:07:34", "href": "http://lists.centos.org/pipermail/centos-announce/2012-October/031000.html", "id": "CESA-2012:1413", "title": "thunderbird security update", "type": "centos", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-08-13T19:40:03", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1407\n\n\nMozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nMultiple flaws were found in the location object implementation in Firefox.\nMalicious content could be used to perform cross-site scripting attacks,\nbypass the same-origin policy, or cause Firefox to execute arbitrary code.\n(CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 10.0.10 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and Antoine\nDelignat-Lavaud as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 10.0.10 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030996.html\nhttp://lists.centos.org/pipermail/centos-announce/2012-October/030997.html\n\n**Affected packages:**\nfirefox\nxulrunner\nxulrunner-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1407.html", "edition": 6, "modified": "2012-10-27T04:43:22", "published": "2012-10-27T02:12:20", "href": "http://lists.centos.org/pipermail/centos-announce/2012-October/030996.html", "id": "CESA-2012:1407", "title": "firefox, xulrunner security update", "type": "centos", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "suse": [{"lastseen": "2016-09-04T11:27:55", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "Mozilla Firefox, Thunderbird and XULRunner were updated to\n 16.0.2. Mozilla Seamonkey was updated to 2.13.2.\n\n Tracker bug: bnc#786522\n\n A security issues was fixed:\n * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196\n (bmo#800666, bmo#793121, bmo#802557) Fixes for Location\n object issues\n\n The update also brings back Obsoletes for libproxy's mozjs\n plugin for distributions before 12.2 to avoid crashes\n\n", "edition": 1, "modified": "2012-10-30T01:08:34", "published": "2012-10-30T01:08:34", "id": "OPENSUSE-SU-2012:1412-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00019.html", "type": "suse", "title": "Mozilla Suite: Update to 16.0.2 (important)", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T12:21:58", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2014-1505", "CVE-2014-1536", "CVE-2011-0061", "CVE-2011-0077", "CVE-2014-1513", "CVE-2012-0478", "CVE-2012-4193", "CVE-2012-0442", "CVE-2013-5601", "CVE-2013-1687", "CVE-2013-5612", "CVE-2013-1692", "CVE-2010-0654", "CVE-2012-1962", "CVE-2013-0743", "CVE-2012-0443", "CVE-2012-5842", "CVE-2012-4212", "CVE-2013-5595", "CVE-2010-0176", "CVE-2014-1530", "CVE-2011-0083", "CVE-2010-1203", "CVE-2013-1737", "CVE-2012-4214", "CVE-2008-1236", "CVE-2013-5611", "CVE-2012-1970", "CVE-2008-3835", "CVE-2013-1709", "CVE-2007-3738", "CVE-2012-3989", "CVE-2013-5616", "CVE-2013-1678", "CVE-2010-2762", "CVE-2012-5830", "CVE-2013-0763", "CVE-2014-1510", "CVE-2011-3026", "CVE-2012-0460", "CVE-2013-5613", "CVE-2012-1973", "CVE-2014-1522", "CVE-2011-3654", "CVE-2014-1567", "CVE-2012-1974", "CVE-2010-2766", "CVE-2012-4195", "CVE-2012-3986", "CVE-2013-0783", "CVE-2007-3734", "CVE-2011-2371", "CVE-2014-1481", "CVE-2013-1670", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2013-1719", "CVE-2012-3968", "CVE-2013-1725", "CVE-2012-3963", "CVE-2014-1539", "CVE-2010-0174", "CVE-2012-0452", "CVE-2013-1735", "CVE-2012-1956", "CVE-2014-1487", "CVE-2012-3978", "CVE-2012-3985", "CVE-2013-0746", "CVE-2012-5829", "CVE-2009-1571", "CVE-2012-1944", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2014-1538", "CVE-2012-4213", "CVE-2013-1685", "CVE-2012-0479", "CVE-2013-5609", "CVE-2007-3737", "CVE-2013-0766", "CVE-2007-3736", "CVE-2012-1940", "CVE-2013-1697", "CVE-2014-1484", "CVE-2014-1525", "CVE-2012-3993", "CVE-2013-5619", "CVE-2012-5837", "CVE-2008-5500", "CVE-2012-5836", "CVE-2014-1509", "CVE-2009-0772", "CVE-2013-0787", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2014-1494", "CVE-2014-1559", "CVE-2013-0747", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2014-1537", "CVE-2013-1694", "CVE-2014-1523", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2013-5615", "CVE-2013-1680", "CVE-2012-3962", "CVE-2012-0459", "CVE-2011-2362", "CVE-2014-1529", "CVE-2013-1724", "CVE-2010-1213", "CVE-2013-5597", "CVE-2012-5843", "CVE-2014-1543", "CVE-2014-1486", "CVE-2011-0085", "CVE-2013-5590", "CVE-2008-5510", "CVE-2011-0080", "CVE-2013-0780", "CVE-2008-5502", "CVE-2010-3765", "CVE-2013-1732", "CVE-2013-0744", "CVE-2013-0795", "CVE-2008-1237", "CVE-2013-1720", "CVE-2008-4070", "CVE-2013-0748", "CVE-2012-4183", "CVE-2010-3178", "CVE-2013-1679", "CVE-2007-3285", "CVE-2013-5610", "CVE-2013-0768", "CVE-2011-3661", "CVE-2012-4181", "CVE-2014-1532", "CVE-2013-6671", "CVE-2009-0040", "CVE-2011-3652", "CVE-2013-0755", "CVE-2008-4067", "CVE-2014-1548", "CVE-2011-2364", "CVE-2014-1531", "CVE-2013-0752", "CVE-2012-4186", "CVE-2014-1508", "CVE-2012-1948", "CVE-2008-5012", "CVE-2012-1938", "CVE-2013-0796", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2014-1502", "CVE-2013-1723", "CVE-2013-0782", "CVE-2012-1953", "CVE-2012-1949", "CVE-2014-1542", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3169", "CVE-2012-3970", "CVE-2011-0053", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2010-3768", "CVE-2014-1477", "CVE-2013-0800", "CVE-2010-1212", "CVE-2013-1681", "CVE-2010-1211", "CVE-2010-1121", "CVE-2013-0773", "CVE-2013-0754", "CVE-2010-3167", "CVE-2012-4202", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2014-1540", "CVE-2014-1534", "CVE-2012-1941", "CVE-2013-1738", "CVE-2014-1482", "CVE-2014-1479", "CVE-2008-4066", "CVE-2008-5018", "CVE-2012-3984", "CVE-2014-1504", "CVE-2012-0444", "CVE-2011-3650", "CVE-2014-1511", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2012-4182", "CVE-2008-1233", "CVE-2012-4187", "CVE-2012-3983", "CVE-2011-0062", "CVE-2008-0016", "CVE-2011-3101", "CVE-2010-3168", "CVE-2013-0788", "CVE-2013-1728", "CVE-2014-1545", "CVE-2010-0173", "CVE-2012-0472", "CVE-2013-5592", "CVE-2013-1730", "CVE-2008-4059", "CVE-2010-2764", "CVE-2014-1492", "CVE-2011-0081", "CVE-2009-0771", "CVE-2007-3670", "CVE-2012-1954", "CVE-2009-0774", "CVE-2014-1556", "CVE-2012-0461", "CVE-2011-2376", "CVE-2012-3958", "CVE-2012-0469", "CVE-2014-1563", "CVE-2014-1524", "CVE-2014-1512", "CVE-2012-1975", "CVE-2011-0075", "CVE-2013-1690", "CVE-2012-0464", "CVE-2013-0775", "CVE-2012-1967", "CVE-2013-5604", "CVE-2014-1514", "CVE-2010-3166", "CVE-2011-0074", "CVE-2013-0801", "CVE-2012-3956", "CVE-2010-2769", "CVE-2012-3982", "CVE-2009-3555", "CVE-2013-1714", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-5021", "CVE-2008-5017", "CVE-2013-0769", "CVE-2012-3966", "CVE-2013-0771", "CVE-2014-1490", "CVE-2012-5839", "CVE-2013-0757", "CVE-2014-1498", "CVE-2012-1961", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2014-1565", "CVE-2012-3967", "CVE-2013-0749", "CVE-2011-3651", "CVE-2008-4060", "CVE-2007-3656", "CVE-2008-1234", "CVE-2012-1951", "CVE-2012-0475", "CVE-2014-1555", "CVE-2014-1564", "CVE-2012-1952", "CVE-2010-1201", "CVE-2013-0761", "CVE-2013-1669", "CVE-2010-1585", "CVE-2012-3959", "CVE-2012-0455", "CVE-2014-1558", "CVE-2011-0084", "CVE-2012-0759", "CVE-2007-3089", "CVE-2014-1519", "CVE-2013-1701", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2013-1684", "CVE-2008-4058", "CVE-2012-4184", "CVE-2012-0447", "CVE-2014-1547", "CVE-2011-3232", "CVE-2012-4205", "CVE-2014-1480", "CVE-2014-1500", "CVE-2011-0069", "CVE-2013-6630", "CVE-2008-5022", "CVE-2008-5512", "CVE-2014-1497", "CVE-2013-5596", "CVE-2012-3992", "CVE-2008-1235", "CVE-2013-1676", "CVE-2013-0789", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2013-1675", "CVE-2014-1478", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2012-1960", "CVE-2012-0445", "CVE-2012-0462", "CVE-2012-4217", "CVE-2013-1686", "CVE-2013-0745", "CVE-2013-0756", "CVE-2012-4218", "CVE-2013-0760", "CVE-2011-2377", "CVE-2014-1485", "CVE-2014-1493", "CVE-2007-3735", "CVE-2011-3000", "CVE-2010-2765", "CVE-2014-1544", "CVE-2010-2767", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2013-0767", "CVE-2010-3182", "CVE-2009-0776", "CVE-2013-5603", "CVE-2012-1959", "CVE-2011-2363", "CVE-2011-0070", "CVE-2013-1682", "CVE-2012-1947", "CVE-2013-6673", "CVE-2013-1674", "CVE-2013-0762", "CVE-2014-1562", "CVE-2010-3170", "CVE-2011-3005", "CVE-2012-4208", "CVE-2011-3658", "CVE-2014-1541", "CVE-2011-2373", "CVE-2008-5511", "CVE-2011-2992", "CVE-2014-1488", "CVE-2012-1957", "CVE-2012-1958", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2014-1552", "CVE-2010-3183", "CVE-2010-1202", "CVE-2012-0468", "CVE-2013-5599", "CVE-2014-1553", "CVE-2014-1549", "CVE-2013-1713", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2008-4061", "CVE-2013-5591", "CVE-2010-1199", "CVE-2012-4204", "CVE-2013-5602", "CVE-2011-2985", "CVE-2012-4192", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2013-0774", "CVE-2008-5024", "CVE-2013-0753", "CVE-2012-5833", "CVE-2014-1557", "CVE-2013-1736", "CVE-2014-1526", "CVE-2013-0776", "CVE-2012-3964", "CVE-2013-5593", "CVE-2014-1550", "CVE-2013-1718", "CVE-2012-5841", "CVE-2014-1533", "CVE-2013-1717", "CVE-2010-2754", "CVE-2008-5507", "CVE-2012-3990", "CVE-2014-1491", "CVE-2013-6672", "CVE-2013-5614", "CVE-2008-4065", "CVE-2013-1693", "CVE-2010-2760", "CVE-2013-0750", "CVE-2012-1937", "CVE-2014-1560", "CVE-2012-4215", "CVE-2013-6629", "CVE-2012-0463", "CVE-2013-1677", "CVE-2011-2991", "CVE-2013-0770", "CVE-2013-0793", "CVE-2012-4179", "CVE-2011-3001", "CVE-2014-1483", "CVE-2014-1489", "CVE-2011-3062", "CVE-2012-0477", "CVE-2013-1722", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2013-1710", "CVE-2012-0467", "CVE-2012-0458", "CVE-2013-0758", "CVE-2013-5600", "CVE-2010-2752", "CVE-2014-1499", "CVE-2014-1518", "CVE-2012-0471", "CVE-2012-3961", "CVE-2014-1561", "CVE-2012-3971", "CVE-2013-0764", "CVE-2014-1528", "CVE-2013-5618", "CVE-2011-0072"], "description": "This patch contains security updates for\n\n * mozilla-nss 3.16.4\n - The following 1024-bit root CA certificate was restored to allow more\n time to develop a better transition strategy for affected sites. It\n was removed in NSS 3.16.3, but discussion in the\n mozilla.dev.security.policy forum led to the decision to keep this\n root included longer in order to give website administrators more time\n to update their web servers.\n - CN = GTE CyberTrust Global Root\n * In NSS 3.16.3, the 1024-bit "Entrust.net Secure Server Certification\n Authority" root CA certificate was removed. In NSS 3.16.4, a 2048-bit\n intermediate CA certificate has been included, without explicit trust.\n The intention is to mitigate the effects of the previous removal of\n the 1024-bit Entrust.net root certificate, because many public\n Internet sites still use the "USERTrust Legacy Secure Server CA"\n intermediate certificate that is signed by the 1024-bit Entrust.net\n root certificate. The inclusion of the intermediate certificate is a\n temporary measure to allow those sites to function, by allowing them\n to find a trust path to another 2048-bit root CA certificate. The\n temporarily included intermediate certificate expires November 1, 2015.\n\n * Firefox 31.1esr Firefox is updated from 24esr to 31esr as maintenance\n for version 24 stopped\n\n", "edition": 1, "modified": "2014-09-09T18:04:16", "published": "2014-09-09T18:04:16", "href": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00004.html", "id": "OPENSUSE-SU-2014:1100-1", "title": "Firefox update to 31.1esr (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2020-08-13T18:06:16", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4194", "CVE-2012-4195", "CVE-2012-4196"], "description": "Mozilla Firefox is an open source web browser. XULRunner provides the XUL\nRuntime environment for Mozilla Firefox.\n\nMultiple flaws were found in the location object implementation in Firefox.\nMalicious content could be used to perform cross-site scripting attacks,\nbypass the same-origin policy, or cause Firefox to execute arbitrary code.\n(CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\nFor technical details regarding these flaws, refer to the Mozilla security\nadvisories for Firefox 10.0.10 ESR. You can find a link to the Mozilla\nadvisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and Antoine\nDelignat-Lavaud as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which contain\nFirefox version 10.0.10 ESR, which corrects these issues. After installing\nthe update, Firefox must be restarted for the changes to take effect.\n", "modified": "2018-06-06T20:24:08", "published": "2012-10-26T04:00:00", "id": "RHSA-2012:1407", "href": "https://access.redhat.com/errata/RHSA-2012:1407", "type": "redhat", "title": "(RHSA-2012:1407) Critical: firefox security update", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-08-13T18:06:44", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4194", "CVE-2012-4195", "CVE-2012-4196"], "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nMultiple flaws were found in the location object implementation in\nThunderbird. Malicious content could be used to perform cross-site\nscripting attacks, bypass the same-origin policy, or cause Thunderbird to\nexecute arbitrary code. (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\nRed Hat would like to thank the Mozilla project for reporting these issues.\nUpstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and Antoine\nDelignat-Lavaud as the original reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially-crafted HTML mail message as JavaScript is disabled by default\nfor mail messages. They could be exploited another way in Thunderbird, for\nexample, when viewing the full remote content of an RSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.10 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the changes\nto take effect.\n", "modified": "2018-06-06T20:24:06", "published": "2012-10-29T04:00:00", "id": "RHSA-2012:1413", "href": "https://access.redhat.com/errata/RHSA-2012:1413", "type": "redhat", "title": "(RHSA-2012:1413) Important: thunderbird security update", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "oraclelinux": [{"lastseen": "2020-10-22T17:08:06", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "[10.0.10-1.0.1.el6_3]\n- Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js\n[10.0.10-1]\n- Update to 10.0.10 ESR", "edition": 6, "modified": "2012-10-29T00:00:00", "published": "2012-10-29T00:00:00", "id": "ELSA-2012-1413", "href": "http://linux.oracle.com/errata/ELSA-2012-1413.html", "title": "thunderbird security update", "type": "oraclelinux", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-08-13T19:45:58", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "firefox\n[10.0.10-1.0.1.el6_3]\n- Replaced firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js\n[10.0.10-1]\n- Update to 10.0.10 ESR\n[10.0.8-2]\n- Fixed rhbz#865284 - add the storage.nfs_filesystem\n config key to property list\n- disable OOP for wrapped plugins (nspluginwrapper)\nxulrunner\n[10.0.10-1.0.1.el6_3]\n- Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js\n[10.0.10-1]\n- Added patches from 10.0.10 ESR", "edition": 5, "modified": "2012-10-26T00:00:00", "published": "2012-10-26T00:00:00", "id": "ELSA-2012-1407", "href": "http://linux.oracle.com/errata/ELSA-2012-1407.html", "title": "firefox security update", "type": "oraclelinux", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "freebsd": [{"lastseen": "2020-08-13T19:43:10", "bulletinFamily": "unix", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "\nThe Mozilla Project reports:\n\nMFSA 2012-90 Fixes for Location object issues\n\n", "edition": 5, "modified": "2012-10-26T00:00:00", "published": "2012-10-26T00:00:00", "id": "6B3B1B97-207C-11E2-A03F-C8600054B392", "href": "https://vuxml.freebsd.org/freebsd/6b3b1b97-207c-11e2-a03f-c8600054b392.html", "title": "mozilla -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "nessus": [{"lastseen": "2021-01-01T03:51:53", "description": "The installed version of Thunderbird 10.x is potentially affected by\nthe following security issues :\n \n - The true value of 'window.location' can be shadowed by\n user content through the use of the 'valueOf' method,\n which can be combined with some plugins to perform \n cross-site scripting attacks. (CVE-2012-4194)\n\n - The 'CheckURL' function of 'window.location' can be\n forced to return the wrong calling document and \n principal, allowing a cross-site scripting attack.\n (CVE-2012-4195)\n\n - It is possible to use property injection by prototype to\n bypass security wrapper protections on the 'Location'\n object, allowing the cross-origin reading of the \n 'Location' object. (CVE-2012-4196)", "edition": 25, "published": "2012-10-29T00:00:00", "title": "Mozilla Thunderbird 10.x < 10.0.10 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_10010.NASL", "href": "https://www.tenable.com/plugins/nessus/62745", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62745);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_bugtraq_id(56301, 56302, 56306);\n\n script_name(english:\"Mozilla Thunderbird 10.x < 10.0.10 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is potentially\naffected by several vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Thunderbird 10.x is potentially affected by\nthe following security issues :\n \n - The true value of 'window.location' can be shadowed by\n user content through the use of the 'valueOf' method,\n which can be combined with some plugins to perform \n cross-site scripting attacks. (CVE-2012-4194)\n\n - The 'CheckURL' function of 'window.location' can be\n forced to return the wrong calling document and \n principal, allowing a cross-site scripting attack.\n (CVE-2012-4195)\n\n - It is possible to use property injection by prototype to\n bypass security wrapper protections on the 'Location'\n object, allowing the cross-origin reading of the \n 'Location' object. (CVE-2012-4196)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-90/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Thunderbird 10.0.10 ESR or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4195\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:TRUE, fix:'10.0.10', min:'10.0', severity:SECURITY_WARNING, xss:TRUE);", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T03:52:12", "description": "The installed version of Thunderbird is earlier than 16.0.2 and is\ntherefore potentially affected by the following security issues :\n \n - The true value of 'window.location' can be shadowed by\n user content through the use of the 'valueOf' method,\n which can be combined with some plugins to perform \n cross-site scripting attacks. (CVE-2012-4194)\n\n - The 'CheckURL' function of 'window.location' can be\n forced to return the wrong calling document and \n principal, allowing a cross-site scripting attack.\n (CVE-2012-4195)\n\n - It is possible to use property injection by prototype to\n bypass security wrapper protections on the 'Location'\n object, allowing the cross-origin reading of the \n 'Location' object. (CVE-2012-4196)", "edition": 25, "published": "2012-10-29T00:00:00", "title": "Mozilla Thunderbird < 16.0.2 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MOZILLA_THUNDERBIRD_1602.NASL", "href": "https://www.tenable.com/plugins/nessus/62746", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62746);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_bugtraq_id(56301, 56302, 56306);\n\n script_name(english:\"Mozilla Thunderbird < 16.0.2 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host contains a mail client that is potentially\naffected by several vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Thunderbird is earlier than 16.0.2 and is\ntherefore potentially affected by the following security issues :\n \n - The true value of 'window.location' can be shadowed by\n user content through the use of the 'valueOf' method,\n which can be combined with some plugins to perform \n cross-site scripting attacks. (CVE-2012-4194)\n\n - The 'CheckURL' function of 'window.location' can be\n forced to return the wrong calling document and \n principal, allowing a cross-site scripting attack.\n (CVE-2012-4195)\n\n - It is possible to use property injection by prototype to\n bypass security wrapper protections on the 'Location'\n object, allowing the cross-origin reading of the \n 'Location' object. (CVE-2012-4196)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-90/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Thunderbird 16.0.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4195\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mozilla_org_installed.nasl\");\n script_require_keys(\"Mozilla/Thunderbird/Version\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nport = get_kb_item_or_exit(\"SMB/transport\");\n\ninstalls = get_kb_list(\"SMB/Mozilla/Thunderbird/*\");\nif (isnull(installs)) audit(AUDIT_NOT_INST, \"Thunderbird\");\n\nmozilla_check_version(installs:installs, product:'thunderbird', esr:FALSE, fix:'16.0.2', severity:SECURITY_WARNING, xss:TRUE);", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T12:52:52", "description": "MozillaFirefox was updated to the 10.0.10ESR security release.\n\nThe following issues have been fixed :\n\n - Mozilla has fixed a number of issues related to the\n Location object in order to enhance overall security.\n Details for each of the current fixed issues are below.\n (MFSA 2012-90)\n\n Thunderbird is only affected by window.location issues\n through RSS feeds and extensions that load web content.\n\n - Security researcher Mariusz Mlynski reported that the\n true value of window.location could be shadowed by user\n content through the use of the valueOf method, which can\n be combined with some plugins to perform a cross-site\n scripting (XSS) attack on users. (CVE-2012-4194)\n\n - Mozilla security researcher moz_bug_r_a4 discovered that\n the CheckURL function in window.location can be forced\n to return the wrong calling document and principal,\n allowing a cross-site scripting (XSS) attack. There is\n also the possibility of gaining arbitrary code execution\n if the attacker can take advantage of an add-on that\n interacts with the page content. (CVE-2012-4195)\n\n - Security researcher Antoine Delignat-Lavaud of the\n PROSECCO research team at INRIA Paris reported the\n ability to use property injection by prototype to bypass\n security wrapper protections on the Location object,\n allowing the cross-origin reading of the Location\n object. (CVE-2012-4196)", "edition": 16, "published": "2012-11-01T00:00:00", "title": "SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8348)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "modified": "2012-11-01T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_FIREFOX-201210B-8348.NASL", "href": "https://www.tenable.com/plugins/nessus/62780", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62780);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n\n script_name(english:\"SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8348)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"MozillaFirefox was updated to the 10.0.10ESR security release.\n\nThe following issues have been fixed :\n\n - Mozilla has fixed a number of issues related to the\n Location object in order to enhance overall security.\n Details for each of the current fixed issues are below.\n (MFSA 2012-90)\n\n Thunderbird is only affected by window.location issues\n through RSS feeds and extensions that load web content.\n\n - Security researcher Mariusz Mlynski reported that the\n true value of window.location could be shadowed by user\n content through the use of the valueOf method, which can\n be combined with some plugins to perform a cross-site\n scripting (XSS) attack on users. (CVE-2012-4194)\n\n - Mozilla security researcher moz_bug_r_a4 discovered that\n the CheckURL function in window.location can be forced\n to return the wrong calling document and principal,\n allowing a cross-site scripting (XSS) attack. There is\n also the possibility of gaining arbitrary code execution\n if the attacker can take advantage of an add-on that\n interacts with the page content. (CVE-2012-4195)\n\n - Security researcher Antoine Delignat-Lavaud of the\n PROSECCO research team at INRIA Paris reported the\n ability to use property injection by prototype to bypass\n security wrapper protections on the Location object,\n allowing the cross-origin reading of the Location\n object. (CVE-2012-4196)\"\n );\n # http://www.mozilla.org/security/announce/2012/mfsa2012-90.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-90/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4194.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4195.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4196.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8348.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"MozillaFirefox-10.0.10-0.5.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"MozillaFirefox-translations-10.0.10-0.5.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"mozilla-nspr-4.9.3-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"mozilla-nspr-devel-4.9.3-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.9.3-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"MozillaFirefox-10.0.10-0.5.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"MozillaFirefox-translations-10.0.10-0.5.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"mozilla-nspr-4.9.3-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"mozilla-nspr-devel-4.9.3-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.9.3-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:38:33", "description": "Mariusz Mlynski and others discovered several flaws in Firefox that\nallowed a remote attacker to conduct cross-site scripting (XSS)\nattacks. (CVE-2012-4194, CVE-2012-4195)\n\nAntoine Delignat-Lavaud discovered a flaw in the way Firefox handled\nthe Location object. If a user were tricked into opening a specially\ncrafted page, a remote attacker could exploit this to bypass security\nprotections and perform cross-origin reading of the Location object.\n(CVE-2012-4196).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2012-10-29T00:00:00", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS / 12.10 : firefox vulnerabilities (USN-1620-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "p-cpe:/a:canonical:ubuntu_linux:firefox", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1620-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62733", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1620-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62733);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_bugtraq_id(56301, 56302);\n script_xref(name:\"USN\", value:\"1620-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS / 12.10 : firefox vulnerabilities (USN-1620-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mariusz Mlynski and others discovered several flaws in Firefox that\nallowed a remote attacker to conduct cross-site scripting (XSS)\nattacks. (CVE-2012-4194, CVE-2012-4195)\n\nAntoine Delignat-Lavaud discovered a flaw in the way Firefox handled\nthe Location object. If a user were tricked into opening a specially\ncrafted page, a remote attacker could exploit this to bypass security\nprotections and perform cross-origin reading of the Location object.\n(CVE-2012-4196).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1620-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected firefox package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10|12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10 / 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"firefox\", pkgver:\"16.0.2+build1-0ubuntu0.10.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"firefox\", pkgver:\"16.0.2+build1-0ubuntu0.11.04.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"firefox\", pkgver:\"16.0.2+build1-0ubuntu0.11.10.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"firefox\", pkgver:\"16.0.2+build1-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"firefox\", pkgver:\"16.0.2+build1-0ubuntu0.12.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T12:28:56", "description": "Mozilla Firefox was updated to the 10.0.10ESR security release.\n\nThe following issue has been fixed :\n\n - Mozilla has fixed a number of issues related to the\n Location object in order to enhance overall security.\n Details for each of the current fixed issues are below.\n (MFSA 2012-90)\n\n Thunderbird is only affected by window.location issues\n through RSS feeds and extensions that load web content.\n\n - Security researcher Mariusz Mlynski reported that the\n true value of window.location could be shadowed by user\n content through the use of the valueOf method, which can\n be combined with some plugins to perform a cross-site\n scripting (XSS) attack on users. (CVE-2012-4194)\n\n - Mozilla security researcher moz_bug_r_a4 discovered that\n the CheckURL function in window.location can be forced\n to return the wrong calling document and principal,\n allowing a cross-site scripting (XSS) attack. There is\n also the possibility of gaining arbitrary code execution\n if the attacker can take advantage of an add-on that\n interacts with the page content. (CVE-2012-4195)\n\n - Security researcher Antoine Delignat-Lavaud of the\n PROSECCO research team at INRIA Paris reported the\n ability to use property injection by prototype to bypass\n security wrapper protections on the Location object,\n allowing the cross-origin reading of the Location\n object. (CVE-2012-4196)", "edition": 16, "published": "2013-01-25T00:00:00", "title": "SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7004)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "modified": "2013-01-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:mozilla-nspr-32bit", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:mozilla-nspr", "p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations", "p-cpe:/a:novell:suse_linux:11:MozillaFirefox"], "id": "SUSE_11_FIREFOX-201210B-121029.NASL", "href": "https://www.tenable.com/plugins/nessus/64134", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64134);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n\n script_name(english:\"SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7004)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Mozilla Firefox was updated to the 10.0.10ESR security release.\n\nThe following issue has been fixed :\n\n - Mozilla has fixed a number of issues related to the\n Location object in order to enhance overall security.\n Details for each of the current fixed issues are below.\n (MFSA 2012-90)\n\n Thunderbird is only affected by window.location issues\n through RSS feeds and extensions that load web content.\n\n - Security researcher Mariusz Mlynski reported that the\n true value of window.location could be shadowed by user\n content through the use of the valueOf method, which can\n be combined with some plugins to perform a cross-site\n scripting (XSS) attack on users. (CVE-2012-4194)\n\n - Mozilla security researcher moz_bug_r_a4 discovered that\n the CheckURL function in window.location can be forced\n to return the wrong calling document and principal,\n allowing a cross-site scripting (XSS) attack. There is\n also the possibility of gaining arbitrary code execution\n if the attacker can take advantage of an add-on that\n interacts with the page content. (CVE-2012-4195)\n\n - Security researcher Antoine Delignat-Lavaud of the\n PROSECCO research team at INRIA Paris reported the\n ability to use property injection by prototype to bypass\n security wrapper protections on the Location object,\n allowing the cross-origin reading of the Location\n object. (CVE-2012-4196)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-90.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=786522\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4194.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4195.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4196.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 7004.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaFirefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:MozillaFirefox-translations\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:mozilla-nspr-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"MozillaFirefox-10.0.10-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"MozillaFirefox-translations-10.0.10-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"mozilla-nspr-4.9.3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"MozillaFirefox-10.0.10-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"MozillaFirefox-translations-10.0.10-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nspr-4.9.3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.9.3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"MozillaFirefox-10.0.10-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"MozillaFirefox-translations-10.0.10-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"mozilla-nspr-4.9.3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"mozilla-nspr-32bit-4.9.3-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"mozilla-nspr-32bit-4.9.3-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T03:27:50", "description": "The installed version of Firefox is earlier than 16.0.2 and is\ntherefore potentially affected by the following security issues :\n \n - The true value of 'window.location' can be shadowed by\n user content through the use of the 'valueOf' method,\n which can be combined with some plugins to perform \n cross-site scripting attacks. (CVE-2012-4194)\n\n - The 'CheckURL' function of 'window.location' can be\n forced to return the wrong calling document and \n principal, allowing a cross-site scripting attack.\n (CVE-2012-4195)\n\n - It is possible to use property injection by prototype to\n bypass security wrapper protections on the 'Location'\n object, allowing the cross-origin reading of the \n 'Location' object. (CVE-2012-4196)", "edition": 25, "published": "2012-10-29T00:00:00", "title": "Firefox < 16.0.2 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:firefox"], "id": "MACOSX_FIREFOX_16_0_2.NASL", "href": "https://www.tenable.com/plugins/nessus/62740", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62740);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_bugtraq_id(56301, 56302, 56306);\n\n script_name(english:\"Firefox < 16.0.2 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version of Firefox\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Firefox is earlier than 16.0.2 and is\ntherefore potentially affected by the following security issues :\n \n - The true value of 'window.location' can be shadowed by\n user content through the use of the 'valueOf' method,\n which can be combined with some plugins to perform \n cross-site scripting attacks. (CVE-2012-4194)\n\n - The 'CheckURL' function of 'window.location' can be\n forced to return the wrong calling document and \n principal, allowing a cross-site scripting attack.\n (CVE-2012-4195)\n\n - It is possible to use property injection by prototype to\n bypass security wrapper protections on the 'Location'\n object, allowing the cross-origin reading of the \n 'Location' object. (CVE-2012-4196)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-90/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Firefox 16.0.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4195\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:firefox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_firefox_installed.nasl\");\n script_require_keys(\"MacOSX/Firefox/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nkb_base = \"MacOSX/Firefox\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nif (get_kb_item(kb_base + '/is_esr')) exit(0, 'The Mozilla Firefox installation is in the ESR branch.');\n\nmozilla_check_version(product:'firefox', version:version, path:path, esr:FALSE, fix:'16.0.2', skippat:'10\\\\.0\\\\.', severity:SECURITY_WARNING, xss:TRUE);\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:11:25", "description": "Updated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nMultiple flaws were found in the location object implementation in\nFirefox. Malicious content could be used to perform cross-site\nscripting attacks, bypass the same-origin policy, or cause Firefox to\nexecute arbitrary code. (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.10 ESR. You can find a link to\nthe Mozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and\nAntoine Delignat-Lavaud as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.10 ESR, which corrects these issues.\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.", "edition": 23, "published": "2012-10-29T00:00:00", "title": "RHEL 5 / 6 : firefox (RHSA-2012:1407)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "modified": "2012-10-29T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo", "cpe:/o:redhat:enterprise_linux:6.3", "p-cpe:/a:redhat:enterprise_linux:xulrunner", "p-cpe:/a:redhat:enterprise_linux:firefox", "p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo", "p-cpe:/a:redhat:enterprise_linux:xulrunner-devel", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-1407.NASL", "href": "https://www.tenable.com/plugins/nessus/62732", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1407. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62732);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_xref(name:\"RHSA\", value:\"2012:1407\");\n\n script_name(english:\"RHEL 5 / 6 : firefox (RHSA-2012:1407)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nMultiple flaws were found in the location object implementation in\nFirefox. Malicious content could be used to perform cross-site\nscripting attacks, bypass the same-origin policy, or cause Firefox to\nexecute arbitrary code. (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.10 ESR. You can find a link to\nthe Mozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and\nAntoine Delignat-Lavaud as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.10 ESR, which corrects these issues.\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n # http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a134523f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1407\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4196\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:firefox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1407\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-10.0.10-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"firefox-debuginfo-10.0.10-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-10.0.10-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-debuginfo-10.0.10-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"xulrunner-devel-10.0.10-1.el5_8\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"firefox-10.0.10-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"firefox-debuginfo-10.0.10-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-10.0.10-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-debuginfo-10.0.10-1.el6_3\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"xulrunner-devel-10.0.10-1.el6_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / firefox-debuginfo / xulrunner / xulrunner-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-17T13:11:25", "description": "An updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nMultiple flaws were found in the location object implementation in\nThunderbird. Malicious content could be used to perform cross-site\nscripting attacks, bypass the same-origin policy, or cause Thunderbird\nto execute arbitrary code. (CVE-2012-4194, CVE-2012-4195,\nCVE-2012-4196)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and\nAntoine Delignat-Lavaud as the original reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.10 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.", "edition": 22, "published": "2012-10-30T00:00:00", "title": "RHEL 5 / 6 : thunderbird (RHSA-2012:1413)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "modified": "2012-10-30T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6.3", "p-cpe:/a:redhat:enterprise_linux:thunderbird", "p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2012-1413.NASL", "href": "https://www.tenable.com/plugins/nessus/62755", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1413. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62755);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_xref(name:\"RHSA\", value:\"2012:1413\");\n\n script_name(english:\"RHEL 5 / 6 : thunderbird (RHSA-2012:1413)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An updated thunderbird package that fixes multiple security issues is\nnow available for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Thunderbird is a standalone mail and newsgroup client.\n\nMultiple flaws were found in the location object implementation in\nThunderbird. Malicious content could be used to perform cross-site\nscripting attacks, bypass the same-origin policy, or cause Thunderbird\nto execute arbitrary code. (CVE-2012-4194, CVE-2012-4195,\nCVE-2012-4196)\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and\nAntoine Delignat-Lavaud as the original reporters of these issues.\n\nNote: None of the issues in this advisory can be exploited by a\nspecially crafted HTML mail message as JavaScript is disabled by\ndefault for mail messages. They could be exploited another way in\nThunderbird, for example, when viewing the full remote content of an\nRSS feed.\n\nAll Thunderbird users should upgrade to this updated package, which\ncontains Thunderbird version 10.0.10 ESR, which corrects these issues.\nAfter installing the update, Thunderbird must be restarted for the\nchanges to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1413\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4196\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected thunderbird and / or thunderbird-debuginfo\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:thunderbird-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1413\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-10.0.10-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-10.0.10-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"thunderbird-debuginfo-10.0.10-1.el5_8\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-10.0.10-1.el5_8\", allowmaj:TRUE)) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-10.0.10-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-10.0.10-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-10.0.10-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"thunderbird-debuginfo-10.0.10-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"thunderbird-debuginfo-10.0.10-1.el6_3\", allowmaj:TRUE)) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"thunderbird-debuginfo-10.0.10-1.el6_3\", allowmaj:TRUE)) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"thunderbird / thunderbird-debuginfo\");\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-17T12:47:20", "description": "From Red Hat Security Advisory 2012:1407 :\n\nUpdated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nMultiple flaws were found in the location object implementation in\nFirefox. Malicious content could be used to perform cross-site\nscripting attacks, bypass the same-origin policy, or cause Firefox to\nexecute arbitrary code. (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.10 ESR. You can find a link to\nthe Mozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and\nAntoine Delignat-Lavaud as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.10 ESR, which corrects these issues.\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.", "edition": 19, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : firefox (ELSA-2012-1407)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:xulrunner", "p-cpe:/a:oracle:linux:firefox", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:xulrunner-devel"], "id": "ORACLELINUX_ELSA-2012-1407.NASL", "href": "https://www.tenable.com/plugins/nessus/68647", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:1407 and \n# Oracle Linux Security Advisory ELSA-2012-1407 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68647);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_xref(name:\"RHSA\", value:\"2012:1407\");\n\n script_name(english:\"Oracle Linux 5 / 6 : firefox (ELSA-2012-1407)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2012:1407 :\n\nUpdated firefox packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nMozilla Firefox is an open source web browser. XULRunner provides the\nXUL Runtime environment for Mozilla Firefox.\n\nMultiple flaws were found in the location object implementation in\nFirefox. Malicious content could be used to perform cross-site\nscripting attacks, bypass the same-origin policy, or cause Firefox to\nexecute arbitrary code. (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\nFor technical details regarding these flaws, refer to the Mozilla\nsecurity advisories for Firefox 10.0.10 ESR. You can find a link to\nthe Mozilla advisories in the References section of this erratum.\n\nRed Hat would like to thank the Mozilla project for reporting these\nissues. Upstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and\nAntoine Delignat-Lavaud as the original reporters of these issues.\n\nAll Firefox users should upgrade to these updated packages, which\ncontain Firefox version 10.0.10 ESR, which corrects these issues.\nAfter installing the update, Firefox must be restarted for the changes\nto take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-October/003099.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-October/003100.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected firefox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xulrunner-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"firefox-10.0.10-1.0.1.el5_8\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-10.0.10-1.0.1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xulrunner-devel-10.0.10-1.0.1.el5_8\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"firefox-10.0.10-1.0.1.el6_3\", allowmaj:TRUE)) flag++;\nif (rpm_check(release:\"EL6\", reference:\"xulrunner-10.0.10-1.0.1.el6_3\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"xulrunner-devel-10.0.10-1.0.1.el6_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / xulrunner / xulrunner-devel\");\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2021-01-01T03:40:31", "description": "The installed version of Thunderbird 10.x is potentially affected by\nthe following security issues :\n \n - The true value of 'window.location' can be shadowed by\n user content through the use of the 'valueOf' method,\n which can be combined with some plugins to perform \n cross-site scripting attacks. (CVE-2012-4194)\n\n - The 'CheckURL' function of 'window.location' can be\n forced to return the wrong calling document and \n principal, allowing a cross-site scripting attack.\n (CVE-2012-4195)\n\n - It is possible to use property injection by prototype to\n bypass security wrapper protections on the 'Location'\n object, allowing the cross-origin reading of the \n 'Location' object. (CVE-2012-4196)", "edition": 25, "published": "2012-10-29T00:00:00", "title": "Thunderbird 10.x < 10.0.10 Multiple Vulnerabilities (Mac OS X)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/a:mozilla:thunderbird"], "id": "MACOSX_THUNDERBIRD_10_0_10.NASL", "href": "https://www.tenable.com/plugins/nessus/62741", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62741);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/12/04\");\n\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_bugtraq_id(56301, 56302, 56306);\n\n script_name(english:\"Thunderbird 10.x < 10.0.10 Multiple Vulnerabilities (Mac OS X)\");\n script_summary(english:\"Checks version of Thunderbird\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mac OS X host contains a mail client that is potentially\naffected by several vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The installed version of Thunderbird 10.x is potentially affected by\nthe following security issues :\n \n - The true value of 'window.location' can be shadowed by\n user content through the use of the 'valueOf' method,\n which can be combined with some plugins to perform \n cross-site scripting attacks. (CVE-2012-4194)\n\n - The 'CheckURL' function of 'window.location' can be\n forced to return the wrong calling document and \n principal, allowing a cross-site scripting attack.\n (CVE-2012-4195)\n\n - It is possible to use property injection by prototype to\n bypass security wrapper protections on the 'Location'\n object, allowing the cross-origin reading of the \n 'Location' object. (CVE-2012-4196)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mozilla.org/en-US/security/advisories/mfsa2012-90/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Thunderbird 10.0.10 ESR or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-4195\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mozilla:thunderbird\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_thunderbird_installed.nasl\");\n script_require_keys(\"MacOSX/Thunderbird/Installed\");\n\n exit(0);\n}\n\ninclude(\"mozilla_version.inc\");\nkb_base = \"MacOSX/Thunderbird\";\nget_kb_item_or_exit(kb_base+\"/Installed\");\n\nversion = get_kb_item_or_exit(kb_base+\"/Version\", exit_code:1);\npath = get_kb_item_or_exit(kb_base+\"/Path\", exit_code:1);\n\nmozilla_check_version(product:'thunderbird', version:version, path:path, fix:'10.0.10', min:'10.0', severity:SECURITY_WARNING, xss:TRUE);", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2018-01-02T10:57:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "Check for the Version of thunderbird", "modified": "2017-12-26T00:00:00", "published": "2012-11-02T00:00:00", "id": "OPENVAS:870855", "href": "http://plugins.openvas.org/nasl.php?oid=870855", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2012:1413-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2012:1413-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Multiple flaws were found in the location object implementation in\n Thunderbird. Malicious content could be used to perform cross-site\n scripting attacks, bypass the same-origin policy, or cause Thunderbird to\n execute arbitrary code. (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and Antoine\n Delignat-Lavaud as the original reporters of these issues.\n\n Note: None of the issues in this advisory can be exploited by a\n specially-crafted HTML mail message as JavaScript is disabled by default\n for mail messages. They could be exploited another way in Thunderbird, for\n example, when viewing the full remote content of an RSS feed.\n\n All Thunderbird users should upgrade to this updated package, which\n contains Thunderbird version 10.0.10 ESR, which corrects these issues.\n After installing the update, Thunderbird must be restarted for the changes\n to take effect.\";\n\ntag_affected = \"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-October/msg00033.html\");\n script_id(870855);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-02 10:59:36 +0530 (Fri, 02 Nov 2012)\");\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:1413-01\");\n script_name(\"RedHat Update for thunderbird RHSA-2012:1413-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.10~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~10.0.10~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-08-13T20:15:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "This host is installed with Mozilla Firefox ESR and is prone to multiple\n vulnerabilities.", "modified": "2019-07-17T00:00:00", "published": "2012-11-02T00:00:00", "id": "OPENVAS:1361412562310803631", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803631", "type": "openvas", "title": "Mozilla Firefox ESR Multiple Vulnerabilities - November12 (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mozilla Firefox ESR Multiple Vulnerabilities - November12 (Mac OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803631\");\n script_version(\"2019-07-17T11:14:11+0000\");\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_bugtraq_id(56301, 56302, 56306);\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-17 11:14:11 +0000 (Wed, 17 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-11-02 16:08:12 +0530 (Fri, 02 Nov 2012)\");\n script_name(\"Mozilla Firefox ESR Multiple Vulnerabilities - November12 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/51144\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1027703\");\n script_xref(name:\"URL\", value:\"http://www.mozilla.org/security/announce/2012/mfsa2012-90.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Mozilla/Firefox-ESR/MacOSX/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers to inject scripts and bypass\n certain security restrictions.\");\n script_tag(name:\"affected\", value:\"Mozilla Firefox ESR version 10.x before 10.0.10 on Mac OS X\");\n script_tag(name:\"insight\", value:\"Multiple errors\n\n - When handling the 'window.location' object.\n\n - Within CheckURL() function of the 'window.location' object, which can be\n forced to return the wrong calling document and principal.\n\n - Within handling of 'Location' object can be exploited to bypass security\n wrapper protection.\");\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox ESR version 10.0.10 or later.\");\n script_tag(name:\"summary\", value:\"This host is installed with Mozilla Firefox ESR and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nffVer = get_kb_item(\"Mozilla/Firefox-ESR/MacOSX/Version\");\nif(ffVer && ffVer =~ \"^10\\.0\")\n{\n if(version_in_range(version:ffVer, test_version:\"10.0\", test_version2:\"10.0.09\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-08-13T20:19:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2012-10-29T00:00:00", "id": "OPENVAS:1361412562310870854", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870854", "type": "openvas", "title": "RedHat Update for firefox RHSA-2012:1407-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for firefox RHSA-2012:1407-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-October/msg00032.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870854\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-29 11:02:32 +0530 (Mon, 29 Oct 2012)\");\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1407-01\");\n script_name(\"RedHat Update for firefox RHSA-2012:1407-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(6|5)\");\n script_tag(name:\"affected\", value:\"firefox on Red Hat Enterprise Linux (v. 5 server),\n Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Firefox is an open source web browser. XULRunner provides the XUL\n Runtime environment for Mozilla Firefox.\n\n Multiple flaws were found in the location object implementation in Firefox.\n Malicious content could be used to perform cross-site scripting attacks,\n bypass the same-origin policy, or cause Firefox to execute arbitrary code.\n (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\n For technical details regarding these flaws, refer to the Mozilla security\n advisories for Firefox 10.0.10 ESR. You can find a link to the Mozilla\n advisories in the References section of this erratum.\n\n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and Antoine\n Delignat-Lavaud as the original reporters of these issues.\n\n All Firefox users should upgrade to these updated packages, which contain\n Firefox version 10.0.10 ESR, which corrects these issues. After installing\n the update, Firefox must be restarted for the changes to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.10~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~10.0.10~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.10~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~10.0.10~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.10~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"firefox-debuginfo\", rpm:\"firefox-debuginfo~10.0.10~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.10~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-debuginfo\", rpm:\"xulrunner-debuginfo~10.0.10~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.10~1.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2017-07-02T21:10:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "This host is installed with Mozilla Firefox and is prone to multiple\n vulnerabilities.", "modified": "2017-04-14T00:00:00", "published": "2012-11-02T00:00:00", "id": "OPENVAS:803040", "href": "http://plugins.openvas.org/nasl.php?oid=803040", "type": "openvas", "title": "Mozilla Firefox Multiple Vulnerabilities - November12 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_prdts_mult_vuln_nov12_win.nasl 5956 2017-04-14 09:02:12Z teissa $\n#\n# Mozilla Firefox Multiple Vulnerabilities - November12 (Windows)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to inject scripts and bypass\n certain security restrictions.\n Impact Level: Application\";\ntag_affected = \"Mozilla Firefox version before 16.0.2 on Windows\";\ntag_insight = \"Multiple errors\n - When handling the 'window.location' object.\n - Within CheckURL() function of the 'window.location' object, which can be\n forced to return the wrong calling document and principal.\n - Within handling of 'Location' object can be exploited to bypass security\n wrapper protection.\";\ntag_solution = \"Upgrade to Mozilla Firefox version 16.0.2 or later,\n For updates refer to http://www.mozilla.com/en-US/firefox/all.html\";\ntag_summary = \"This host is installed with Mozilla Firefox and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803040);\n script_version(\"$Revision: 5956 $\");\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_bugtraq_id(56301, 56302, 56306);\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-14 11:02:12 +0200 (Fri, 14 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-02 16:08:12 +0530 (Fri, 02 Nov 2012)\");\n script_name(\"Mozilla Firefox Multiple Vulnerabilities - November12 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51144\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1027703\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-90.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\");\n script_mandatory_keys(\"Firefox/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n# Firefox Check\nffVer = \"\";\nffVer = get_kb_item(\"Firefox/Win/Ver\");\n\nif(ffVer)\n{\n # Grep for Firefox version\n if(version_is_less(version:ffVer, test_version:\"16.0.2\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2017-04-14T00:00:00", "published": "2012-10-29T00:00:00", "id": "OPENVAS:72540", "href": "http://plugins.openvas.org/nasl.php?oid=72540", "type": "openvas", "title": "FreeBSD Ports: firefox", "sourceData": "#\n#VID 6b3b1b97-207c-11e2-a03f-c8600054b392\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 6b3b1b97-207c-11e2-a03f-c8600054b392\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n firefox\n linux-firefox\n linux-seamonkey\n linux-thunderbird\n seamonkey\n thunderbird\n libxul\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.mozilla.org/security/known-vulnerabilities/\nhttp://www.mozilla.org/security/announce/2012/mfsa2012-90.html\nhttp://www.vuxml.org/freebsd/6b3b1b97-207c-11e2-a03f-c8600054b392.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(72540);\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 5956 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-14 11:02:12 +0200 (Fri, 14 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-29 10:22:19 -0400 (Mon, 29 Oct 2012)\");\n script_name(\"FreeBSD Ports: firefox\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"11.0,1\")>0 && revcomp(a:bver, b:\"16.0.2,1\")<0) {\n txt += \"Package firefox version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"10.0.10,1\")<0) {\n txt += \"Package firefox version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"linux-firefox\");\nif(!isnull(bver) && revcomp(a:bver, b:\"10.0.10,1\")<0) {\n txt += \"Package linux-firefox version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"linux-seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.13.2\")<0) {\n txt += \"Package linux-seamonkey version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"linux-thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"10.0.10\")<0) {\n txt += \"Package linux-thunderbird version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"seamonkey\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.13.2\")<0) {\n txt += \"Package seamonkey version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"thunderbird\");\nif(!isnull(bver) && revcomp(a:bver, b:\"11.0\")>0 && revcomp(a:bver, b:\"16.0.2\")<0) {\n txt += \"Package thunderbird version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nif(!isnull(bver) && revcomp(a:bver, b:\"10.0.10\")<0) {\n txt += \"Package thunderbird version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\nbver = portver(pkg:\"libxul\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.9.2\")>0 && revcomp(a:bver, b:\"10.0.10\")<0) {\n txt += \"Package libxul version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:11:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "This host is installed with Mozilla Firefox ESR and is prone to multiple\n vulnerabilities.", "modified": "2017-05-11T00:00:00", "published": "2012-11-02T00:00:00", "id": "OPENVAS:803627", "href": "http://plugins.openvas.org/nasl.php?oid=803627", "type": "openvas", "title": "Mozilla Firefox ESR Multiple Vulnerabilities - November12 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_firefox_esr_mult_vuln_nov12_win.nasl 6104 2017-05-11 09:03:48Z teissa $\n#\n# Mozilla Firefox ESR Multiple Vulnerabilities - November12 (Windows)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to inject scripts and bypass\n certain security restrictions.\n Impact Level: Application\";\n\ntag_affected = \"Mozilla Firefox ESR version 10.x before 10.0.10 on Windows\";\ntag_insight = \"Multiple errors\n - When handling the 'window.location' object.\n - Within CheckURL() function of the 'window.location' object, which can be\n forced to return the wrong calling document and principal.\n - Within handling of 'Location' object can be exploited to bypass security\n wrapper protection.\";\ntag_solution = \"Upgrade to Mozilla Firefox ESR version 10.0.10 or later,\n For updates refer to http://www.mozilla.com/en-US/firefox/all.html\";\ntag_summary = \"This host is installed with Mozilla Firefox ESR and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803627);\n script_version(\"$Revision: 6104 $\");\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_bugtraq_id(56301, 56302, 56306);\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-11 11:03:48 +0200 (Thu, 11 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-02 16:08:12 +0530 (Fri, 02 Nov 2012)\");\n script_name(\"Mozilla Firefox ESR Multiple Vulnerabilities - November12 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51144\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1027703\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-90.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_firefox_detect_win.nasl\");\n script_mandatory_keys(\"Firefox-ESR/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n# Firefox Check\nffVer = \"\";\nffVer = get_kb_item(\"Firefox-ESR/Win/Ver\");\n\nif(ffVer && ffVer =~ \"^10.0\")\n{\n # Grep for Firefox version\n if(version_in_range(version:ffVer, test_version:\"10.0\", test_version2:\"10.0.09\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-08-13T20:23:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2012-11-02T00:00:00", "id": "OPENVAS:1361412562310870855", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870855", "type": "openvas", "title": "RedHat Update for thunderbird RHSA-2012:1413-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for thunderbird RHSA-2012:1413-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-October/msg00033.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870855\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-02 10:59:36 +0530 (Fri, 02 Nov 2012)\");\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:1413-01\");\n script_name(\"RedHat Update for thunderbird RHSA-2012:1413-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"thunderbird on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Multiple flaws were found in the location object implementation in\n Thunderbird. Malicious content could be used to perform cross-site\n scripting attacks, bypass the same-origin policy, or cause Thunderbird to\n execute arbitrary code. (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and Antoine\n Delignat-Lavaud as the original reporters of these issues.\n\n Note: None of the issues in this advisory can be exploited by a\n specially-crafted HTML mail message as JavaScript is disabled by default\n for mail messages. They could be exploited another way in Thunderbird, for\n example, when viewing the full remote content of an RSS feed.\n\n All Thunderbird users should upgrade to this updated package, which\n contains Thunderbird version 10.0.10 ESR, which corrects these issues.\n After installing the update, Thunderbird must be restarted for the changes\n to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.10~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"thunderbird-debuginfo\", rpm:\"thunderbird-debuginfo~10.0.10~1.el6_3\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2017-07-02T21:11:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "This host is installed with Mozilla Thunderbird ESR and is prone to multiple\n vulnerabilities.", "modified": "2017-05-08T00:00:00", "published": "2012-11-02T00:00:00", "id": "OPENVAS:803633", "href": "http://plugins.openvas.org/nasl.php?oid=803633", "type": "openvas", "title": "Mozilla Thunderbird ESR Multiple Vulnerabilities - November12 (Mac OS X)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_mozilla_thunderbird_esr_mult_vuln_nov12_macosx.nasl 6079 2017-05-08 09:03:33Z teissa $\n#\n# Mozilla Thunderbird ESR Multiple Vulnerabilities - November12 (Mac OS X)\n#\n# Authors:\n# Arun Kallavi <karun@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attackers to inject scripts and bypass\n certain security restrictions.\n Impact Level: Application\";\n\ntag_affected = \"Thunderbird ESR version 10.x before 10.0.10 on Mac OS X\";\ntag_insight = \"Multiple errors\n - When handling the 'window.location' object.\n - Within CheckURL() function of the 'window.location' object, which can be\n forced to return the wrong calling document and principal.\n - Within handling of 'Location' object can be exploited to bypass security\n wrapper protection.\";\ntag_solution = \"Upgrade to Thunderbird ESR 10.0.10 or later,\n http://www.mozilla.org/en-US/thunderbird\";\ntag_summary = \"This host is installed with Mozilla Thunderbird ESR and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803633);\n script_version(\"$Revision: 6079 $\");\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_bugtraq_id(56301, 56302, 56306);\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-08 11:03:33 +0200 (Mon, 08 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-02 16:08:12 +0530 (Fri, 02 Nov 2012)\");\n script_name(\"Mozilla Thunderbird ESR Multiple Vulnerabilities - November12 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/51144\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1027703\");\n script_xref(name : \"URL\" , value : \"http://www.mozilla.org/security/announce/2012/mfsa2012-90.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_mozilla_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"ThunderBird-ESR/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n# Thunderbird Check\ntbVer = \"\";\ntbVer = get_kb_item(\"ThunderBird-ESR/MacOSX/Version\");\n\nif(tbVer && tbVer =~ \"^10.0\")\n{\n # Grep for Thunderbird version\n if(version_in_range(version:tbVer, test_version:\"10.0\", test_version2:\"10.0.09\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-08-13T20:11:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "Oracle Linux Local Security Checks ELSA-2012-1407", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123790", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123790", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-1407", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-1407.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123790\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:08:35 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-1407\");\n script_tag(name:\"insight\", value:\"ELSA-2012-1407 - firefox security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-1407\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-1407.html\");\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.10~1.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.10~1.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.10~1.0.1.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~10.0.10~1.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~10.0.10~1.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xulrunner-devel\", rpm:\"xulrunner-devel~10.0.10~1.0.1.el6_3\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2020-08-13T20:21:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-4195", "CVE-2012-4194", "CVE-2012-4196"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-11-02T00:00:00", "id": "OPENVAS:1361412562310881531", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881531", "type": "openvas", "title": "CentOS Update for thunderbird CESA-2012:1413 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for thunderbird CESA-2012:1413 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-October/018962.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881531\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-02 11:00:31 +0530 (Fri, 02 Nov 2012)\");\n script_cve_id(\"CVE-2012-4194\", \"CVE-2012-4195\", \"CVE-2012-4196\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:1413\");\n script_name(\"CentOS Update for thunderbird CESA-2012:1413 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"thunderbird on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Mozilla Thunderbird is a standalone mail and newsgroup client.\n\n Multiple flaws were found in the location object implementation in\n Thunderbird. Malicious content could be used to perform cross-site\n scripting attacks, bypass the same-origin policy, or cause Thunderbird to\n execute arbitrary code. (CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)\n\n Red Hat would like to thank the Mozilla project for reporting these issues.\n Upstream acknowledges Mariusz Mlynski, moz_bug_r_a4, and Antoine\n Delignat-Lavaud as the original reporters of these issues.\n\n Note: None of the issues in this advisory can be exploited by a\n specially-crafted HTML mail message as JavaScript is disabled by default\n for mail messages. They could be exploited another way in Thunderbird, for\n example, when viewing the full remote content of an RSS feed.\n\n All Thunderbird users should upgrade to this updated package, which\n contains Thunderbird version 10.0.10 ESR, which corrects these issues.\n After installing the update, Thunderbird must be restarted for the changes\n to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~10.0.10~1.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-3974", "CVE-2012-4194"], "description": "SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite. ", "modified": "2012-11-14T02:12:21", "published": "2012-11-14T02:12:21", "id": "FEDORA:45BAA20307", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: seamonkey-2.13.2-2.fc18", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:49", "bulletinFamily": "software", "cvelist": ["CVE-2012-4193", "CVE-2012-3989", "CVE-2012-3986", "CVE-2012-4185", "CVE-2012-3991", "CVE-2012-3985", "CVE-2012-3993", "CVE-2012-3988", "CVE-2012-3994", "CVE-2012-4183", "CVE-2012-4181", "CVE-2012-4186", "CVE-2012-4191", "CVE-2012-4930", "CVE-2012-3984", "CVE-2012-4182", "CVE-2012-4187", "CVE-2012-3983", "CVE-2012-3982", "CVE-2012-4184", "CVE-2012-3992", "CVE-2012-3977", "CVE-2012-4180", "CVE-2012-3987", "CVE-2012-4190", "CVE-2012-4192", "CVE-2012-4188", "CVE-2012-3990", "CVE-2012-4179", "CVE-2012-4196"], "description": "Information leakage, multiple memory corruptions, crossite scripting, etc.", "edition": 1, "modified": "2012-10-29T00:00:00", "published": "2012-10-29T00:00:00", "id": "SECURITYVULNS:VULN:12639", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12639", "title": "Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:13", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1945", "CVE-2011-3648", "CVE-2009-0355", "CVE-2011-0061", "CVE-2011-0077", "CVE-2012-0478", "CVE-2012-4193", "CVE-2011-1202", "CVE-2012-0442", "CVE-2010-3772", "CVE-2011-0071", "CVE-2009-2470", "CVE-2010-0654", "CVE-2009-3388", "CVE-2012-1962", "CVE-2012-0443", "CVE-2011-3866", "CVE-2011-0068", "CVE-2012-5842", "CVE-2012-4212", "CVE-2009-2477", "CVE-2009-1563", "CVE-2010-0176", "CVE-2011-3640", "CVE-2011-0083", "CVE-2010-1203", "CVE-2009-3076", "CVE-2012-1970", "CVE-2009-3389", "CVE-2008-3835", "CVE-2012-3989", "CVE-2010-2762", "CVE-2012-5830", "CVE-2012-4210", "CVE-2009-1305", "CVE-2011-3026", "CVE-2009-3979", "CVE-2011-2370", "CVE-2012-0460", "CVE-2012-1973", "CVE-2009-3376", "CVE-2011-2369", "CVE-2011-2998", "CVE-2011-3654", "CVE-2011-2605", "CVE-2009-1833", "CVE-2010-0165", "CVE-2012-1974", "CVE-2010-0220", "CVE-2010-2766", "CVE-2011-2993", "CVE-2012-4195", "CVE-2010-0168", "CVE-2012-3986", "CVE-2010-0160", "CVE-2009-1169", "CVE-2011-2371", "CVE-2009-3379", "CVE-2012-4185", "CVE-2010-3777", "CVE-2012-3991", "CVE-2012-5354", "CVE-2012-4206", "CVE-2009-3071", "CVE-2012-3968", "CVE-2010-1214", "CVE-2012-3963", "CVE-2010-0174", "CVE-2010-0172", "CVE-2009-2535", "CVE-2012-0452", "CVE-2009-1312", "CVE-2012-1956", "CVE-2012-3978", "CVE-2012-3985", "CVE-2011-2995", "CVE-2012-5829", "CVE-2009-1571", "CVE-2008-5505", "CVE-2012-5838", "CVE-2011-2986", "CVE-2010-1205", "CVE-2009-2210", "CVE-2009-2478", "CVE-2008-6961", "CVE-2012-0479", "CVE-2012-0450", "CVE-2012-1940", "CVE-2012-3993", "CVE-2008-5500", "CVE-2012-5836", "CVE-2009-3274", "CVE-2010-1125", "CVE-2009-0772", "CVE-2012-3995", "CVE-2012-4201", "CVE-2010-0159", "CVE-2009-0773", "CVE-2011-3659", "CVE-2011-3663", "CVE-2010-3131", "CVE-2012-0470", "CVE-2012-0446", "CVE-2008-4063", "CVE-2012-3976", "CVE-2012-1972", "CVE-2010-1200", "CVE-2010-0175", "CVE-2010-0170", "CVE-2012-3988", "CVE-2012-0457", "CVE-2010-3778", "CVE-2012-3994", "CVE-2007-2436", "CVE-2012-3962", "CVE-2010-2770", "CVE-2010-3774", "CVE-2012-0459", "CVE-2011-2362", "CVE-2009-1304", "CVE-2010-1213", "CVE-2010-3177", "CVE-2012-5843", "CVE-2009-1835", "CVE-2011-0085", "CVE-2009-0352", "CVE-2009-3984", "CVE-2009-3380", "CVE-2008-5510", "CVE-2011-0080", "CVE-2012-1950", "CVE-2008-5502", "CVE-2009-3981", "CVE-2010-3765", "CVE-2010-0167", "CVE-2009-3373", "CVE-2009-3980", "CVE-2008-4070", "CVE-2012-4183", "CVE-2010-3178", "CVE-2012-1994", "CVE-2011-3661", "CVE-2009-3383", "CVE-2012-4181", "CVE-2011-3652", "CVE-2009-1311", "CVE-2011-1712", "CVE-2008-4067", "CVE-2010-1210", "CVE-2011-2364", "CVE-2009-2469", "CVE-2011-0073", "CVE-2010-1197", "CVE-2010-1207", "CVE-2009-0652", "CVE-2012-4186", "CVE-2012-1948", "CVE-2008-5012", "CVE-2011-2982", "CVE-2012-1938", "CVE-2012-0449", "CVE-2010-3769", "CVE-2012-3969", "CVE-2009-1838", "CVE-2012-1953", "CVE-2008-5013", "CVE-2012-1949", "CVE-2012-0456", "CVE-2011-2372", "CVE-2010-3773", "CVE-2009-1309", "CVE-2011-0079", "CVE-2010-3169", "CVE-2009-2662", "CVE-2012-3970", "CVE-2011-2997", "CVE-2011-0053", "CVE-2009-1832", "CVE-2012-5840", "CVE-2010-3176", "CVE-2012-4191", "CVE-2010-3174", "CVE-2012-1966", "CVE-2010-3768", "CVE-2009-3372", "CVE-2010-2763", "CVE-2011-0066", "CVE-2010-1212", "CVE-2009-1837", "CVE-2010-1206", "CVE-2010-1211", "CVE-2009-2464", "CVE-2011-2990", "CVE-2010-1121", "CVE-2009-0356", "CVE-2011-3389", "CVE-2010-0164", "CVE-2008-3836", "CVE-2010-3167", "CVE-2012-4202", "CVE-2007-2671", "CVE-2011-2984", "CVE-2010-3180", "CVE-2012-3957", "CVE-2011-3660", "CVE-2009-3986", "CVE-2012-1941", "CVE-2009-2408", "CVE-2010-3399", "CVE-2009-2665", "CVE-2008-4066", "CVE-2008-5018", "CVE-2009-3978", "CVE-2012-3984", "CVE-2009-0354", "CVE-2009-3079", "CVE-2011-0056", "CVE-2012-0444", "CVE-2011-3650", "CVE-2010-2753", "CVE-2012-1946", "CVE-2010-3776", "CVE-2010-1215", "CVE-2012-4182", "CVE-2011-2980", "CVE-2012-4187", "CVE-2008-4069", "CVE-2010-0166", "CVE-2011-3647", "CVE-2011-0065", "CVE-2011-0062", "CVE-2008-0016", "CVE-2009-0358", "CVE-2011-3101", "CVE-2010-3168", "CVE-2010-0173", "CVE-2009-1044", "CVE-2008-5513", "CVE-2008-4059", "CVE-2010-2764", "CVE-2011-0081", "CVE-2009-0771", "CVE-2009-1392", "CVE-2008-5504", "CVE-2008-5019", "CVE-2012-1954", "CVE-2009-0774", "CVE-2009-3375", "CVE-2012-0461", "CVE-2011-2376", "CVE-2009-2472", "CVE-2012-3958", "CVE-2009-0071", "CVE-2008-5023", "CVE-2012-0469", "CVE-2010-3171", "CVE-2009-3072", "CVE-2012-3973", "CVE-2008-5822", "CVE-2012-1975", "CVE-2011-0075", "CVE-2012-0464", "CVE-2012-1967", "CVE-2011-3653", "CVE-2010-0648", "CVE-2010-0178", "CVE-2010-3166", "CVE-2010-0177", "CVE-2011-0074", "CVE-2012-3956", "CVE-2010-2769", "CVE-2011-3649", "CVE-2012-3982", "CVE-2009-3555", "CVE-2011-2989", "CVE-2010-1196", "CVE-2008-3837", "CVE-2009-0357", "CVE-2008-5021", "CVE-2008-5017", "CVE-2012-3966", "CVE-2012-5839", "CVE-2011-2378", "CVE-2009-1308", "CVE-2010-3775", "CVE-2009-2467", "CVE-2012-1961", "CVE-2010-5074", "CVE-2011-2996", "CVE-2010-3173", "CVE-2012-4216", "CVE-2008-4062", "CVE-2010-3179", "CVE-2010-0182", "CVE-2012-3967", "CVE-2011-3651", "CVE-2008-4060", "CVE-2010-0181", "CVE-2012-1951", "CVE-2012-0475", "CVE-2012-3965", "CVE-2012-1952", "CVE-2010-1201", "CVE-2011-4688", "CVE-2009-1306", "CVE-2010-1585", "CVE-2009-2479", "CVE-2012-3959", "CVE-2012-0455", "CVE-2009-0777", "CVE-2010-2755", "CVE-2011-0084", "CVE-2011-0051", "CVE-2010-3767", "CVE-2012-1939", "CVE-2009-1834", "CVE-2010-3771", "CVE-2010-0183", "CVE-2012-0474", "CVE-2012-3975", "CVE-2010-2768", "CVE-2008-5014", "CVE-2008-0367", "CVE-2008-4058", "CVE-2011-3002", "CVE-2012-4184", "CVE-2011-0057", "CVE-2012-0447", "CVE-2011-3232", "CVE-2008-5913", "CVE-2007-3073", "CVE-2012-4205", "CVE-2010-2751", "CVE-2009-1836", "CVE-2011-0069", "CVE-2008-5022", "CVE-2008-5512", "CVE-2012-3992", "CVE-2009-3374", "CVE-2008-5501", "CVE-2008-4068", "CVE-2008-5016", "CVE-2011-3004", "CVE-2012-3980", "CVE-2008-5503", "CVE-2011-2374", "CVE-2012-1955", "CVE-2009-1839", "CVE-2012-1960", "CVE-2012-0445", "CVE-2009-3074", "CVE-2012-1965", "CVE-2011-3670", "CVE-2012-0462", "CVE-2010-1028", "CVE-2010-0162", "CVE-2011-2377", "CVE-2009-2463", "CVE-2009-2061", "CVE-2009-3070", "CVE-2012-3977", "CVE-2011-3000", "CVE-2010-2765", "CVE-2009-3069", "CVE-2010-0171", "CVE-2010-2767", "CVE-2009-0353", "CVE-2011-0078", "CVE-2012-3960", "CVE-2010-3175", "CVE-2009-0775", "CVE-2012-0451", "CVE-2011-3655", "CVE-2012-4180", "CVE-2009-2044", "CVE-2010-3182", "CVE-2009-0776", "CVE-2009-3371", "CVE-2009-3377", "CVE-2012-1959", "CVE-2011-2363", "CVE-2009-3075", "CVE-2010-0163", "CVE-2010-1208", "CVE-2011-0070", "CVE-2012-1947", "CVE-2009-1841", "CVE-2010-3170", "CVE-2011-3005", "CVE-2011-0059", "CVE-2012-1971", "CVE-2009-3983", "CVE-2012-4208", "CVE-2009-3987", "CVE-2011-3658", "CVE-2011-2373", "CVE-2008-5511", "CVE-2012-1957", "CVE-2012-1958", "CVE-2011-0054", "CVE-2012-4190", "CVE-2008-4064", "CVE-2012-1976", "CVE-2011-1187", "CVE-2012-5835", "CVE-2010-3183", "CVE-2009-2654", "CVE-2010-1202", "CVE-2012-0468", "CVE-2009-3982", "CVE-2009-3985", "CVE-2009-2065", "CVE-2009-1313", "CVE-2009-3382", "CVE-2008-5508", "CVE-2012-3972", "CVE-2012-4207", "CVE-2011-2988", "CVE-2010-3770", "CVE-2008-4061", "CVE-2010-1199", "CVE-2012-4204", "CVE-2008-0017", "CVE-2009-3988", "CVE-2010-3400", "CVE-2009-1302", "CVE-2011-2985", "CVE-2009-2466", "CVE-2012-4192", "CVE-2011-0058", "CVE-2011-2987", "CVE-2012-4188", "CVE-2012-0441", "CVE-2008-5024", "CVE-2011-0076", "CVE-2007-2437", "CVE-2012-5833", "CVE-2011-2999", "CVE-2012-3964", "CVE-2012-5841", "CVE-2010-0179", "CVE-2010-1209", "CVE-2010-2754", "CVE-2008-5507", "CVE-2009-2471", "CVE-2012-3990", "CVE-2011-2375", "CVE-2010-1198", "CVE-2008-4065", "CVE-2009-1840", "CVE-2011-3665", "CVE-2009-3381", "CVE-2011-0067", "CVE-2010-2760", "CVE-2012-1937", "CVE-2012-4215", "CVE-2009-2043", "CVE-2009-1307", "CVE-2009-2664", "CVE-2012-0463", "CVE-2010-4508", "CVE-2009-1310", "CVE-2009-3077", "CVE-2011-3003", "CVE-2011-2991", "CVE-2008-5015", "CVE-2011-0082", "CVE-2011-2983", "CVE-2012-4179", "CVE-2008-4582", "CVE-2011-3001", "CVE-2012-1964", "CVE-2009-2462", "CVE-2009-3378", "CVE-2011-3062", "CVE-2009-1303", "CVE-2012-0477", "CVE-2012-0473", "CVE-2012-4194", "CVE-2011-2365", "CVE-2012-4209", "CVE-2012-1963", "CVE-2012-4196", "CVE-2008-5506", "CVE-2009-2404", "CVE-2009-2465", "CVE-2012-0467", "CVE-2011-2981", "CVE-2012-0458", "CVE-2010-0169", "CVE-2010-2752", "CVE-2009-3078", "CVE-2012-0471", "CVE-2012-3961", "CVE-2010-3766", "CVE-2012-3971", "CVE-2008-5052", "CVE-2011-0055", "CVE-2009-1828", "CVE-2011-0072"], "description": "### Background\n\nMozilla Firefox is an open-source web browser and Mozilla Thunderbird an open-source email client, both from the Mozilla Project. The SeaMonkey project is a community effort to deliver production-quality releases of code derived from the application formerly known as the \u2018Mozilla Application Suite\u2019. XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications such as Firefox and Thunderbird. NSS is Mozilla\u2019s Network Security Services library that implements PKI support. IceCat is the GNU version of Firefox. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL\u2019s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser\u2019s font, conduct clickjacking attacks, or have other unspecified impact. \n\nA local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Mozilla Firefox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nAll users of the Mozilla Firefox binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nAll Mozilla Thunderbird users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nAll users of the Mozilla Thunderbird binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nAll Mozilla SeaMonkey users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-2.14-r1\"\n \n\nAll users of the Mozilla SeaMonkey binary package should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/seamonkey-bin-2.14\"\n \n\nAll NSS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/nss-3.14\"\n \n\nThe \u201cwww-client/mozilla-firefox\u201d package has been merged into the \u201cwww-client/firefox\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox\u201d and then emerge the latest \u201cwww-client/firefox\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-10.0.11\"\n \n\nThe \u201cwww-client/mozilla-firefox-bin\u201d package has been merged into the \u201cwww-client/firefox-bin\u201d package. To upgrade, please unmerge \u201cwww-client/mozilla-firefox-bin\u201d and then emerge the latest \u201cwww-client/firefox-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"www-client/mozilla-firefox-bin\"\n # emerge --ask --oneshot --verbose \">=www-client/firefox-bin-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird\u201d package has been merged into the \u201cmail-client/thunderbird\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird\u201d and then emerge the latest \u201cmail-client/thunderbird\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird\"\n # emerge --ask --oneshot --verbose \">=mail-client/thunderbird-10.0.11\"\n \n\nThe \u201cmail-client/mozilla-thunderbird-bin\u201d package has been merged into the \u201cmail-client/thunderbird-bin\u201d package. To upgrade, please unmerge \u201cmail-client/mozilla-thunderbird-bin\u201d and then emerge the latest \u201cmail-client/thunderbird-bin\u201d package: \n \n \n # emerge --sync\n # emerge --unmerge \"mail-client/mozilla-thunderbird-bin\"\n # emerge --ask --oneshot --verbose\n \">=mail-client/thunderbird-bin-10.0.11\"\n \n\nGentoo discontinued support for GNU IceCat. We recommend that users unmerge GNU IceCat: \n \n \n # emerge --unmerge \"www-client/icecat\"\n \n\nGentoo discontinued support for XULRunner. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner\"\n \n\nGentoo discontinued support for the XULRunner binary package. We recommend that users unmerge XULRunner: \n \n \n # emerge --unmerge \"net-libs/xulrunner-bin\"", "edition": 1, "modified": "2013-01-08T00:00:00", "published": "2013-01-08T00:00:00", "id": "GLSA-201301-01", "href": "https://security.gentoo.org/glsa/201301-01", "type": "gentoo", "title": "Mozilla Products: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
